Lucene search

[email protected]CVE-2008-0264

HistoryJan 15, 2008 - 8:00 p.m.

CVE-2008-0264

2008-01-1520:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-0264

meta tags

nodewords

drupal

remote code execution

authentication

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.4%

JSON

Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node.

Affected configurations

NVD

Node

drupalmeta_tags_moduleRange≤5.x-1.6

CPENameOperatorVersion
drupal:meta_tags_moduledrupal meta tags modulele5.x-1.6

CPE	Name	Operator	Version
drupal:meta_tags_module	drupal meta tags module	le	5.x-1.6

References

drupal.org/node/209759

secunia.com/advisories/28478

www.vupen.com/english/advisories/2008/0129

exchange.xforce.ibmcloud.com/vulnerabilities/39638

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.4%

JSON

Related for CVE-2008-0264

nvd1 cvelist1 prion1