admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-51xx/CVE-2008-5186.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

253 lines
9.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-5186",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-11-21T02:30:00.517",
"lastModified": "2017-08-08T01:33:09.733",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi) before 1.0.8.1 might allow remote attackers to conduct file inclusion attacks via crafted inputs that influence the default language path ($path variable). NOTE: this issue has been disputed by a vendor, stating that only a static value is used, so this is not a vulnerability in GeSHi. Separate CVE identifiers would be created for web applications that integrate GeSHi in a way that allows control of the default language path."
},
{
"lang": "es",
"value": "** CUESTIONADA ** La funcion set_language_path en geshi.php en Generic Syntax Highlighter (GeSHi) antes de v1.0.8.1 podria permitir a atacantes remotos producir un ataque de conduccion de inclusion de fichero a traves de entradas manipuladas que influirian en la ruta de idioma por defecto ($path variable). NOTA: El vendedor a cuestionado esta vulnerabilidad, argumentando que solo es utilizado un valor estatico y que por lo tanto no es una vulnerabilidad en GeSHi. Identificadores CVE diferentes fueron creados para las aplicaciones web que integran GeSHi de tal modo que permiten el control de la ruta por defecto del idioma."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "1142B5BC-0D42-47ED-B929-F4BAB5553D23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF8085F-C8FA-4B7D-BE6B-46BD37599235"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8640CA-5302-491A-91E7-0D559966F153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7035B2-576E-4DB8-8F43-785FCE8D3077"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.2_beta_1:*:*:*:*:*:*:*",
"matchCriteriaId": "63A062D8-2DE6-44F4-9CCF-BE2996F8A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BACADB05-ABC5-4565-93C8-9545B16FC900"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6243E133-0612-4FF1-81D1-758F5B55AEE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A87C84D-044C-45E4-8FE9-EB6169CE8D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E021E26-9C91-4644-8FFC-95F240E27F06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "89D678F7-99E0-448A-89A6-EFFBB3B4060E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5342B1-7CC5-4A5B-B7A2-260E5B6983ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C72BCBFB-A9F1-43F0-9AFA-1C26D152ECED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "755F9D37-D32E-4B2F-9BA3-0853A554C6A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAB3F2AE-6353-4DE6-80FC-C83663975CC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5A4393E5-14CC-4973-8D00-F2D22DDD6293"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A9A6873-3024-40FE-BD9E-D5D225C0A5A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E30A75B-5B35-4E92-95A2-E055810993F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "10EA5DE1-21D3-4CCC-BC3A-1165A69E0223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98105060-6780-4835-8092-B49130922690"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3781AE2D-B315-452B-975A-5DA1B5A435C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC96172-DB75-4F16-A615-A52F6EAB9250"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EDECF138-3450-4DA4-8FD9-FAB6D6FE3326"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.13:*:*:*:*:*:*:*",
"matchCriteriaId": "62615324-C582-4008-A22E-E8203A3F4EE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1ABA58-8C64-427C-9900-782272A62A7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.15:*:*:*:*:*:*:*",
"matchCriteriaId": "83C1A6A8-DD79-4BA1-A5AA-46EE4E5BCEE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8F406E-9BE5-4358-B290-A6823FD40380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A551B1-F0A1-4873-B6D4-197777F77A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3FD20D-00EF-4CBA-AC90-8EE73270D982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.19:*:*:*:*:*:*:*",
"matchCriteriaId": "08FD2BC4-D823-4C45-8625-D39CF2D4974C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AF84D9E6-9044-49BC-BF3E-8F23FECAF76E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2024ABFC-402B-4BAA-8EB0-2B83BFCDF8DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geshi:geshi:1.0.7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC283CF-AA72-493B-8905-2B843C80AE74"
}
]
}
]
}
],
"references": [
{
"url": "http://sourceforge.net/project/shownotes.php?release_id=637321",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2008/11/10/8",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/32070",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46271",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink