Lucene search
MitreCVE-2009-2944HistoryAug 31, 2009 - 8:30 p.m.
CVE-2009-2944
2009-08-3120:30:00
mitre
web.nvd.nist.gov
31
cve-2009-2944
incomplete blacklist vulnerability
teximg plugin
ikiwiki
arbitrary file read
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.005
Percentile
76.9%
Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.
Affected configurations
Node
ikiwikiikiwikiRange≤3.141592
ORikiwikiikiwikiMatch2.0
ORikiwikiikiwikiMatch2.00
ORikiwikiikiwikiMatch2.1
ORikiwikiikiwikiMatch2.2
ORikiwikiikiwikiMatch2.3
ORikiwikiikiwikiMatch2.4
ORikiwikiikiwikiMatch2.5
ORikiwikiikiwikiMatch2.6
ORikiwikiikiwikiMatch2.6.1
ORikiwikiikiwikiMatch2.7
ORikiwikiikiwikiMatch2.8
ORikiwikiikiwikiMatch2.9
ORikiwikiikiwikiMatch2.10
ORikiwikiikiwikiMatch2.11
ORikiwikiikiwikiMatch2.12
ORikiwikiikiwikiMatch2.13
ORikiwikiikiwikiMatch2.14
ORikiwikiikiwikiMatch2.15
ORikiwikiikiwikiMatch2.16
ORikiwikiikiwikiMatch2.17
ORikiwikiikiwikiMatch2.18
ORikiwikiikiwikiMatch2.19
ORikiwikiikiwikiMatch2.20
ORikiwikiikiwikiMatch2.30
ORikiwikiikiwikiMatch2.31
ORikiwikiikiwikiMatch2.31.1
ORikiwikiikiwikiMatch2.31.2
ORikiwikiikiwikiMatch2.31.3
ORikiwikiikiwikiMatch2.40
ORikiwikiikiwikiMatch2.41
ORikiwikiikiwikiMatch2.42
ORikiwikiikiwikiMatch2.43
ORikiwikiikiwikiMatch2.44
ORikiwikiikiwikiMatch2.45
ORikiwikiikiwikiMatch2.46
ORikiwikiikiwikiMatch2.47
ORikiwikiikiwikiMatch2.48
ORikiwikiikiwikiMatch2.49
ORikiwikiikiwikiMatch2.50
ORikiwikiikiwikiMatch2.51
ORikiwikiikiwikiMatch2.52
ORikiwikiikiwikiMatch2.53
ORikiwikiikiwikiMatch2.54
ORikiwikiikiwikiMatch2.55
ORikiwikiikiwikiMatch2.56
ORikiwikiikiwikiMatch2.60
ORikiwikiikiwikiMatch2.61
ORikiwikiikiwikiMatch2.62
ORikiwikiikiwikiMatch2.62.1
ORikiwikiikiwikiMatch2.63
ORikiwikiikiwikiMatch2.64
ORikiwikiikiwikiMatch2.65
ORikiwikiikiwikiMatch2.66
ORikiwikiikiwikiMatch2.67
ORikiwikiikiwikiMatch2.68
ORikiwikiikiwikiMatch2.69
ORikiwikiikiwikiMatch2.70
ORikiwikiikiwikiMatch2.71
ORikiwikiikiwikiMatch2.72
ORikiwikiikiwikiMatch3.0
ORikiwikiikiwikiMatch3.00
ORikiwikiikiwikiMatch3.01
ORikiwikiikiwikiMatch3.02
ORikiwikiikiwikiMatch3.03
ORikiwikiikiwikiMatch3.04
ORikiwikiikiwikiMatch3.06
ORikiwikiikiwikiMatch3.07
ORikiwikiikiwikiMatch3.08
ORikiwikiikiwikiMatch3.09
ORikiwikiikiwikiMatch3.10
ORikiwikiikiwikiMatch3.11
ORikiwikiikiwikiMatch3.12
ORikiwikiikiwikiMatch3.13
ORikiwikiikiwikiMatch3.14
ORikiwikiikiwikiMatch3.141
ORikiwikiikiwikiMatch3.1415
ORikiwikiikiwikiMatch3.14159
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ikiwiki | ikiwiki | * | cpe:2.3:a:ikiwiki:ikiwiki:*:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.0 | cpe:2.3:a:ikiwiki:ikiwiki:2.0:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.00 | cpe:2.3:a:ikiwiki:ikiwiki:2.00:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.1 | cpe:2.3:a:ikiwiki:ikiwiki:2.1:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.2 | cpe:2.3:a:ikiwiki:ikiwiki:2.2:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.3 | cpe:2.3:a:ikiwiki:ikiwiki:2.3:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.4 | cpe:2.3:a:ikiwiki:ikiwiki:2.4:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.5 | cpe:2.3:a:ikiwiki:ikiwiki:2.5:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.6 | cpe:2.3:a:ikiwiki:ikiwiki:2.6:*:*:*:*:*:*:* |
| ikiwiki | ikiwiki | 2.6.1 | cpe:2.3:a:ikiwiki:ikiwiki:2.6.1:*:*:*:*:*:*:* |
Related
openvas
openvas
FreeBSD Ports: ikiwiki
2009-09-15 00:00:00
Fedora Core 11 FEDORA-2009-9244 (ikiwiki)
2009-09-15 00:00:00
FreeBSD Ports: ikiwiki
2009-09-15 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: ikiwiki-3.20100312-1.fc11
2010-04-01 01:51:27
[SECURITY] Fedora 10 Update: ikiwiki-2.72-2.fc10
2009-09-11 23:26:00
[SECURITY] Fedora 11 Update: ikiwiki-3.1415926-1.fc11
2009-09-11 23:35:06
cvelist
cvelist
CVE-2009-2944
2009-08-31 20:00:00
osv
osv
ikiwiki - information disclosure
2009-08-31 00:00:00
ikiwiki-3.20200202.3-2.7 on GA media
2024-06-15 00:00:00
ubuntucve
ubuntucve
CVE-2009-2944
2009-08-31 00:00:00
debian
debian
[SECURITY] [DSA 1875-1] New ikiwiki packages fix information disclosure
2009-08-31 17:27:34
nessus
nessus
Fedora 11 : ikiwiki-3.1415926-1.fc11 (2009-9244)
2009-09-14 00:00:00
Fedora 10 : ikiwiki-2.72-2.fc10 (2009-9254)
2009-09-14 00:00:00
prion
prion
Design/Logic Flaw
2009-08-31 20:30:00
debiancve
debiancve
CVE-2009-2944
2009-08-31 20:30:00
nvd
nvd
CVE-2009-2944
2009-08-31 20:30:00
securityvulns
securityvulns
freebsd
freebsd
ikiwiki -- insufficient blacklisting in teximg plugin
2009-08-28 00:00:00
seebug
seebug
ikiwiki teximg插件不安全TeX命令信息泄露漏洞
2009-09-02 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.005
Percentile
76.9%
Related for CVE-2009-2944