Lucene search

[email protected]CVE-2008-0982

HistoryFeb 25, 2008 - 11:44 p.m.

CVE-2008-0982

2008-02-2523:44:00

CWE-20

[email protected]

web.nvd.nist.gov

spyce

python

server pages

psp

sensitive information disclosure

security vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.1%

JSON

Spyce - Python Server Pages (PSP) 2.1.3 allows remote attackers to obtain sensitive information via a direct request for spyce/examples/automaton.spy, which reveals the path in an error message.

Affected configurations

NVD

Node

spycespyceMatch2.1.3

CPENameOperatorVersion
spyce:spycespyceeq2.1.3

CPE	Name	Operator	Version
spyce:spyce	spyce	eq	2.1.3

References

securityreason.com/securityalert/3699

www.procheckup.com/Vulnerability_PR08-01.php

www.securityfocus.com/archive/1/488336/100/0/threaded

www.securityfocus.com/bid/27898

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.1%

JSON

Related for CVE-2008-0982

prion1 cvelist1 nvd1