cpe:/a:todd_miller:sudo:1.8.0 cpe:/a:todd_miller:sudo:1.8.1 cpe:/a:todd_miller:sudo:1.8.1p1 cpe:/a:todd_miller:sudo:1.8.1p2 cpe:/a:todd_miller:sudo:1.8.2 cpe:/a:todd_miller:sudo:1.8.3 cpe:/a:todd_miller:sudo:1.8.3p1 CVE-2012-0809 2012-01-31T19:55:02.070-05:00 2018-01-04T21:29:28.803-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2012-02-01T08:17:00.000-05:00 ALLOWS_ADMIN_ACCESS FULLDISC 20120130 Advisory: sudo 1.8 Format String Vulnerability GENTOO GLSA-201203-06 MISC http://archives.neohapsis.com/archives/fulldisclosure/2012-01/att-0591/advisory_sudo.txt CONFIRM http://www.sudo.ws/sudo/alerts/sudo_debug.html Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.