Lucene search

MitreCVE-2007-3831

HistoryJul 17, 2007 - 9:30 p.m.

CVE-2007-3831

2007-07-1721:30:00

mitre

web.nvd.nist.gov

php

remote file inclusion

iss proventia

ips

cve-2007-3831

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Affected configurations

Nvd

Node

ibmproventia_network_ips_gx5008Match1.5

ibmproventia_network_ips_gx5108Match1.3

VendorProductVersionCPE
ibmproventia_network_ips_gx50081.5cpe:2.3:h:ibm:proventia_network_ips_gx5008:1.5:*:*:*:*:*:*:*
ibmproventia_network_ips_gx51081.3cpe:2.3:h:ibm:proventia_network_ips_gx5108:1.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	proventia_network_ips_gx5008	1.5	cpe:2.3:h:ibm:proventia_network_ips_gx5008:1.5:::::::*
ibm	proventia_network_ips_gx5108	1.3	cpe:2.3:h:ibm:proventia_network_ips_gx5108:1.3:::::::*

References

osvdb.org/36474

secunia.com/advisories/25979

www.sybsecurity.com/hack-proventia-1.pdf

www.vupen.com/english/advisories/2007/2545

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

Related for CVE-2007-3831