CVE-2014-0487

CVE-2014-0487

EPSS 1.9%

APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/61275 http://secunia.com/advisories/61286 http://ubuntu.com/usn/usn-2348-1 http://www.debian.org/security/2014/dsa-3025