Lucene search

[email protected]CVE-2008-0101

HistoryJan 08, 2008 - 2:46 a.m.

CVE-2008-0101

2008-01-0802:46:00

CWE-20

[email protected]

web.nvd.nist.gov

vulnerability

format string

white dune

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.046 Low

EPSS

Percentile

92.6%

JSON

Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file.

Affected configurations

NVD

Node

white_dunewhite_duneRange≤0.29beta791

CPENameOperatorVersion
white_dune:white_dunewhite dunele0.29beta791

CPE	Name	Operator	Version
white_dune:white_dune	white dune	le	0.29beta791

References

aluigi.altervista.org/adv/whitedunboffs-adv.txt

secunia.com/advisories/28287

securityreason.com/securityalert/3516

vrml.cip.ica.uni-stuttgart.de/dune/news.html

www.securityfocus.com/archive/1/485724/100/0/threaded

www.securityfocus.com/bid/27102

exchange.xforce.ibmcloud.com/vulnerabilities/39388

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.046 Low

EPSS

Percentile

92.6%

JSON

Related for CVE-2008-0101

prion2 nvd2 cvelist2 debiancve2 cve1 ubuntucve1