VYPR
Unrated severityNVD Advisory· Published Feb 1, 2012· Updated Jun 16, 2026

CVE-2012-0809

CVE-2012-0809

Description

Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Todd Miller/Sudo7 versions
    cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*
    • cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*
    • cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*
  • Sudo Project/Sudollm-create
    Range: >=1.8.0, <=1.8.3p1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.