Lucene search
MitreCVE-2008-2230HistoryJun 11, 2008 - 1:32 a.m.
CVE-2008-2230
2008-06-1101:32:00
CWE-94
mitre
web.nvd.nist.gov
25
cve-2008-2230
untrusted search path
vulnerability
reportbug
reportbug-ng
arbitrary code execution
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
High
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory.
Affected configurations
Node
reportbug-ngreportbugMatch3.8
ORreportbug-ngreportbugMatch3.31
ORreportbug-ngreportbug-ngMatch0.2007.03.10
ORreportbug-ngreportbug-ngMatch0.2007.03.11
ORreportbug-ngreportbug-ngMatch0.2007.03.13
ORreportbug-ngreportbug-ngMatch0.2007.03.14
ORreportbug-ngreportbug-ngMatch0.2007.03.15
ORreportbug-ngreportbug-ngMatch0.2007.03.17
ORreportbug-ngreportbug-ngMatch0.2007.03.19
ORreportbug-ngreportbug-ngMatch0.2007.03.19.2
ORreportbug-ngreportbug-ngMatch0.2007.03.20
ORreportbug-ngreportbug-ngMatch0.2007.03.24
ORreportbug-ngreportbug-ngMatch0.2007.03.27
ORreportbug-ngreportbug-ngMatch0.2007.03.28
ORreportbug-ngreportbug-ngMatch0.2007.03.29
ORreportbug-ngreportbug-ngMatch0.2007.04.07
ORreportbug-ngreportbug-ngMatch0.2007.04.07.2
ORreportbug-ngreportbug-ngMatch0.2007.04.13
ORreportbug-ngreportbug-ngMatch0.2007.04.16
ORreportbug-ngreportbug-ngMatch0.2007.04.20
ORreportbug-ngreportbug-ngMatch0.2007.04.23
ORreportbug-ngreportbug-ngMatch0.2007.04.27
ORreportbug-ngreportbug-ngMatch0.2007.05.02
ORreportbug-ngreportbug-ngMatch0.2007.05.27
ORreportbug-ngreportbug-ngMatch0.2007.05.28
ORreportbug-ngreportbug-ngMatch0.2007.05.31
ORreportbug-ngreportbug-ngMatch0.2007.06.13
ORreportbug-ngreportbug-ngMatch0.2007.06.27
ORreportbug-ngreportbug-ngMatch0.2007.07.08
ORreportbug-ngreportbug-ngMatch0.2007.07.12
ORreportbug-ngreportbug-ngMatch0.2007.07.18
ORreportbug-ngreportbug-ngMatch0.2007.07.19
ORreportbug-ngreportbug-ngMatch0.2007.08.02
ORreportbug-ngreportbug-ngMatch0.2007.08.03
ORreportbug-ngreportbug-ngMatch0.2007.08.03.2
ORreportbug-ngreportbug-ngMatch0.2007.08.12
ORreportbug-ngreportbug-ngMatch0.2007.08.20
ORreportbug-ngreportbug-ngMatch0.2007.10.30
ORreportbug-ngreportbug-ngMatch0.2008.01.20
ORreportbug-ngreportbug-ngMatch0.2008.03.26
ORreportbug-ngreportbug-ngMatch0.2008.03.28
| Vendor | Product | Version | CPE |
|---|---|---|---|
| reportbug-ng | reportbug | 3.8 | cpe:2.3:a:reportbug-ng:reportbug:3.8:*:*:*:*:*:*:* |
| reportbug-ng | reportbug | 3.31 | cpe:2.3:a:reportbug-ng:reportbug:3.31:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.10 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.10:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.11 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.11:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.13 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.13:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.14 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.14:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.15 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.15:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.17 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.17:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.19 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.19:*:*:*:*:*:*:* |
| reportbug-ng | reportbug-ng | 0.2007.03.19.2 | cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.19.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-2230
2008-06-11 01:00:00
debiancve
debiancve
CVE-2008-2230
2008-06-11 01:32:00
prion
prion
Design/Logic Flaw
2008-06-11 01:32:00
ubuntucve
ubuntucve
CVE-2008-2230
2008-06-11 00:00:00
nvd
nvd
CVE-2008-2230
2008-06-11 01:32:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2008-2230