Vulnerability in Debian Advanced_package_tool
CVE-2014-0487
APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.
EPSS: 0.019 (76.4th percentile) — read the EPSS interpretation.
Affected products
- Debian Advanced_package_tool — versions 1.0.3, 1.0.7
- N/a — versions n/a
References
- security@debian.org (x_refsource_SECUNIA, third-party-advisory)
- security@debian.org (x_refsource_SECUNIA, third-party-advisory)
- security@debian.org (x_refsource_UBUNTU, vendor-advisory, Patch, Vendor Advisory)
- security@debian.org (vendor-advisory, x_refsource_DEBIAN, Vendor Advisory)