Lucene search
Ubuntu.comUB:CVE-2008-1467HistoryMar 24, 2008 - 12:00 a.m.
CVE-2008-1467
2008-03-2400:00:00
ubuntu.com
ubuntu.com
8
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.071 Low
EPSS
Percentile
94.0%
DISPUTED CenterIM 4.22.3 and earlier allows user-assisted remote
attackers to execute arbitrary commands via shell metacharacters in a URI,
related to “received URLs in the message window.” NOTE: this issue has
been disputed due to the user-assisted nature, since the URL must be
selected and launched by the victim.
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian, the victim needs to list the URLs in the message with F2 and press enter on it. the victim can see the complete URL including the commands however so the impact is really low |
Related
cve
cve
CVE-2008-1467
2008-03-24 21:44:00
openvas
openvas
Fedora Update for centerim FEDORA-2008-2869
2009-02-16 00:00:00
Fedora Update for centerim FEDORA-2008-2867
2009-02-16 00:00:00
Fedora Update for centerim FEDORA-2008-2869
2009-02-16 00:00:00
prion
prion
Code injection
2008-03-24 21:44:00
fedora
fedora
[SECURITY] Fedora 8 Update: centerim-4.22.4-1.fc8
2008-04-01 21:38:25
[SECURITY] Fedora 7 Update: centerim-4.22.4-1.fc7.1
2008-04-01 21:38:37
nessus
nessus
Fedora 8 : centerim-4.22.4-1.fc8 (2008-2867)
2008-04-04 00:00:00
Fedora 7 : centerim-4.22.4-1.fc7.1 (2008-2869)
2008-04-04 00:00:00
cvelist
cvelist
CVE-2008-1467
2008-03-24 21:00:00
nvd
nvd
CVE-2008-1467
2008-03-24 21:44:00
redhatcve
redhatcve
CVE-2008-1467
2019-10-04 22:01:53
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.071 Low
EPSS
Percentile
94.0%
Related for UB:CVE-2008-1467