Lucene search

[email protected]NVD:CVE-2008-4810

HistoryOct 31, 2008 - 6:09 p.m.

CVE-2008-4810

2008-10-3118:09:08

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka “php executed in templates;” and (2) a double quoted literal string, aka a “function injection security hole.” NOTE: each vector affects slightly different SVN revisions.

Affected configurations

NVD

Node

smartysmartyMatch1.0

smartysmartyMatch1.0a

smartysmartyMatch1.0b

smartysmartyMatch1.1.0

smartysmartyMatch1.2.0

smartysmartyMatch1.2.1

smartysmartyMatch1.2.2

smartysmartyMatch1.3.0

smartysmartyMatch1.3.1

smartysmartyMatch1.3.2

smartysmartyMatch1.4.0

smartysmartyMatch1.4.0b1

smartysmartyMatch1.4.0b2

smartysmartyMatch1.4.1

smartysmartyMatch1.4.2

smartysmartyMatch1.4.3

smartysmartyMatch1.4.4

smartysmartyMatch1.4.5

smartysmartyMatch1.4.6

smartysmartyMatch1.5.0

smartysmartyMatch1.5.1

smartysmartyMatch1.5.2

smartysmartyMatch2.0.0

smartysmartyMatch2.0.1

smartysmartyMatch2.1.0

smartysmartyMatch2.1.1

smartysmartyMatch2.2.0

smartysmartyMatch2.3.0

smartysmartyMatch2.3.1

smartysmartyMatch2.4.0

smartysmartyMatch2.4.1

smartysmartyMatch2.4.2

smartysmartyMatch2.5.0

smartysmartyMatch2.5.0rc1

smartysmartyMatch2.5.0rc2

smartysmartyMatch2.6.0

smartysmartyMatch2.6.0rc1

smartysmartyMatch2.6.0rc2

smartysmartyMatch2.6.0rc3

smartysmartyMatch2.6.1

smartysmartyMatch2.6.2

smartysmartyMatch2.6.3

smartysmartyMatch2.6.4

smartysmartyMatch2.6.5

smartysmartyMatch2.6.6

smartysmartyMatch2.6.7

smartysmartyMatch2.6.9

smartysmartyMatch2.6.10

smartysmartyMatch2.6.11

smartysmartyMatch2.6.12

smartysmartyMatch2.6.13

smartysmartyMatch2.6.14

smartysmartyMatch2.6.15

smartysmartyMatch2.6.16

smartysmartyMatch2.6.17

smartysmartyMatch2.6.18

References

code.google.com/p/smarty-php/source/detail?r=2784&path=/trunk/libs/Smarty_Compiler.class.php

code.google.com/p/smarty-php/source/detail?r=2797&path=/trunk/libs/Smarty_Compiler.class.php

secunia.com/advisories/32329

securityvulns.ru/Udocument746.html

smarty-php.googlecode.com/svn/trunk/NEWS

www.debian.org/security/2008/dsa-1691

www.openwall.com/lists/oss-security/2008/10/25/2

www.securityfocus.com/bid/31862

bugs.gentoo.org/attachment.cgi?id=169804&action=view

exchange.xforce.ibmcloud.com/vulnerabilities/46031

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

Related for NVD:CVE-2008-4810

ubuntucve1 openvas17 nessus5 cvelist1 cve1 redhatcve1 prion1 osv2 debian3 altlinux2 gentoo1 ubuntu1