Lucene search

[email protected]CVE-2008-3904

HistorySep 04, 2008 - 5:41 p.m.

CVE-2008-3904

2008-09-0417:41:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-3904

gpicview

lxde

arbitrary command execution

shell metacharacters

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.

Affected configurations

NVD

Node

lxdegpicviewMatch0.1.9

lxdelightweight_x11_desktop_environment

CPENameOperatorVersion
lxde:gpicviewlxde gpicvieweq0.1.9
lxde:lightweight_x11_desktop_environmentlxde lightweight x11 desktop environmenteq*

CPE	Name	Operator	Version
lxde:gpicview	lxde gpicview	eq	0.1.9
lxde:lightweight_x11_desktop_environment	lxde lightweight x11 desktop environment	eq	*

References

lxde.svn.sourceforge.net/viewvc/lxde?view=rev&sortby=date&revision=845

www.openwall.com/lists/oss-security/2008/08/30/1

www.openwall.com/lists/oss-security/2008/09/03/1

exchange.xforce.ibmcloud.com/vulnerabilities/45137

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

Related for CVE-2008-3904

nvd1 ubuntucve1 cvelist1 debiancve1 prion1