admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-29xx/CVE-2008-2950.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

143 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-2950",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-07-07T23:41:00.000",
"lastModified": "2018-10-11T20:45:29.703",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document."
},
{
"lang": "es",
"value": "El destructor Page de Page.cc en libpoppler de Poppler 0.8.4 y anteriores, elimina el objeto pageWidgets incluso si \u00e9ste no ha sido iniciado por un constructor Page, esto permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento PDF manipulado."
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "Not vulnerable. This issue did not affect the versions of poppler as shipped with Red Hat Enterprise Linux 5, or other PDF parsing applications derived from the xpdf code as shipped in Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
"lastModified": "2008-07-08T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.8.4",
"matchCriteriaId": "5739C603-4976-48C9-B28F-9E3FD9D3E2A9"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html",
"source": "cve@mitre.org"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200807-04.xml",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/3977",
"source": "cve@mitre.org"
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146",
"source": "cve@mitre.org"
},
{
"url": "http://www.ocert.org/advisories/ocert-2008-007.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/30107",
"source": "cve@mitre.org"
},
{
"url": "http://www.securitytracker.com/id?1020435",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/usn-631-1",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2024/references",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/6032",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink