Lucene search

[email protected]CVE-2008-6937

HistoryAug 11, 2009 - 9:00 p.m.

CVE-2008-6937

2009-08-1121:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2008

6937

vulnerability

argument injection

exodus 0.10

remote attackers

denial of service

uri

xmpp

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.048 Low

EPSS

Percentile

92.7%

JSON

Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CVE-2008-6936. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

jabberexodusMatch0.10

CPENameOperatorVersion
jabber:exodusjabber exoduseq0.10

CPE	Name	Operator	Version
jabber:exodus	jabber exodus	eq	0.10

References

secunia.com/advisories/32729

exchange.xforce.ibmcloud.com/vulnerabilities/52631

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.048 Low

EPSS

Percentile

92.7%

JSON

Related for CVE-2008-6937

cvelist3 nvd3 prion3 cve2