admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-39xx/CVE-2008-3922.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

138 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-3922",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-09-04T18:41:00.000",
"lastModified": "2018-10-11T20:50:27.780",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function."
},
{
"lang": "es",
"value": "awstatstotals.php de AWStats Totals 1.0 hasta 1.14, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de secuencias PHP en el par\u00e1metro sort que se emplea en la funci\u00f3n multisort cuando de forma din\u00e1mica se crea una funci\u00f3n PHP an\u00f3nima."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telartis_bv:awstats_totals:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4AC543-C314-40F1-9DE7-80BC7CE8CFD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telartis_bv:awstats_totals:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "333F1513-9A70-4688-99A4-A9762D601AAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telartis_bv:awstats_totals:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "51AEF1B6-8C0A-4887-A627-2EE3B533216F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telartis_bv:awstats_totals:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "567AC813-9B48-41CE-B289-E2ACB6AE5EA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telartis_bv:awstats_totals:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3E6A6E-668B-463D-BCF3-45A86D7F5ACE"
}
]
}
]
}
],
"references": [
{
"url": "http://securityreason.com/securityalert/4218",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/8259",
"source": "cve@mitre.org"
},
{
"url": "http://userwww.service.emory.edu/~ekenda2/EMORY-2008-01.txt",
"source": "cve@mitre.org"
},
{
"url": "http://www.exploit-db.com/exploits/17324",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/495770/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/30856",
"source": "cve@mitre.org"
},
{
"url": "http://www.telartis.nl/xcms/awstats/",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2442",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44712",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/6368",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink