mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
109 lines
3.9 KiB
JSON
109 lines
3.9 KiB
JSON
{
|
|
"id": "CVE-2008-5409",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-12-10T06:44:42.423",
|
|
"lastModified": "2017-10-19T01:30:15.473",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad sin especificar en el m\u00f3dulo pdf.xmd en (1) BitDefender Free Edition 10 y Antivirus Standard 10, (2) BullGuard Internet Security v8.5, y (3) Software602 Groupware Server v6.0.08.1118, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo PDF manipulado, seguramente relacionado con la inclusi\u00f3n de flujos comprimidos que son procesados con el filtro ASCIIHexDecode. NOTA: algunos de \u00e9stos detalles han sido obtenidos a partir de terceros."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bitdefender:antivirus:10:_nil_:standard:*:*:*:*:*",
|
|
"matchCriteriaId": "99345132-856D-4E53-AE8F-101308FCC42E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bitdefender:bitdefender:10:_nil_:free_edition:*:*:*:*:*",
|
|
"matchCriteriaId": "62BA09A9-6D2C-4C35-BB3E-B517BCC9B6D4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bullguard:internet_security:8.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6B4BB76-CF3D-45E6-BB29-F4BBB547C7E1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:software602:groupware_server:6.0.08.1118:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F8EE9C8A-9417-4A5A-90A0-5F6D8EB4370B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/32396",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.exploit-db.com/exploits/7178",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |