Lucene search

[email protected]NVD:CVE-2008-5694

HistoryDec 19, 2008 - 6:30 p.m.

CVE-2008-5694

2008-12-1918:30:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.008

Percentile

81.2%

JSON

PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.

Affected configurations

Nvd

Node

sandboxsandboxMatch1.4.1

VendorProductVersionCPE
sandboxsandbox1.4.1cpe:2.3:a:sandbox:sandbox:1.4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sandbox	sandbox	1.4.1	cpe:2.3:a:sandbox:sandbox:1.4.1:::::::*

References

www.by-f10.com/bug.txt

www.securityfocus.com/archive/1/487903/100/200/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/47688

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.008

Percentile

81.2%

JSON

Related for NVD:CVE-2008-5694

cve1 prion1 cvelist1