CVE-2013-6499

NameCVE-2013-6499
Descriptionloading a module relative to the cwd
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
Debian Bugs777230

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libmp3-info-perl (PTS)wheezy, jessie1.24-1vulnerable
buster, sid, stretch1.24-1.2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libmp3-info-perlsource(unstable)(unfixed)unimportant777230

Notes

[jessie] - libmp3-info-perl <no-dsa> (Minor issue)
[wheezy] - libmp3-info-perl <no-dsa> (Minor issue)
[squeeze] - libmp3-info-perl <no-dsa> (Minor issue)
Marked as unimportant at least for unstable, since the issue is mitigated
by src:perl not having '.' in INC since 5.22.2-4 by default.

Search for package or bug name: Reporting problems