Lucene search

K
cve[email protected]CVE-2008-1040
HistoryFeb 27, 2008 - 7:44 p.m.

CVE-2008-1040

2008-02-2719:44:00
CWE-119
web.nvd.nist.gov
13
cve-2008-1040
fujitsu
interstage
app server
buffer overflow
remote code execution
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI.

Affected configurations

NVD
Node
fujitsuinterstage_application_server_enterpriseMatch8.0.0rehl_as4_x86
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.0rhel_as4_em64t
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.0solaris
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.0windows
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.1windows
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.2rhel_as4_em64t
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.2rhel_as4_x86
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.2solaris
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.2windows
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.3rhel_as4_em64t
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.3rhel_as4_x86
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.3solaris
OR
fujitsuinterstage_application_server_enterpriseMatch8.0.3windows
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel_as4_em64t
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel_as4_ipf
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel_as4_x86
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel5_intel64
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel5_ipf
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel5_x86
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0solaris
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0windows
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0arhel_as4_ipf
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0arhel5_ipf
OR
fujitsuinterstage_application_server_enterpriseMatchv9.0.0awindows
OR
fujitsuinterstage_application_server_standard_jMatch8.0.0rhel_as4_em64t
OR
fujitsuinterstage_application_server_standard_jMatch8.0.0rhel_as4_x86
OR
fujitsuinterstage_application_server_standard_jMatch8.0.0solaris
OR
fujitsuinterstage_application_server_standard_jMatch8.0.0windows
OR
fujitsuinterstage_application_server_standard_jMatch8.0.2rhel_as4_em64t
OR
fujitsuinterstage_application_server_standard_jMatch8.0.2rhel_as4_x86
OR
fujitsuinterstage_application_server_standard_jMatch8.0.2solaris
OR
fujitsuinterstage_application_server_standard_jMatch8.0.2windows
OR
fujitsuinterstage_application_server_standard_jMatch8.0.3rhel_as4_em64t
OR
fujitsuinterstage_application_server_standard_jMatch8.0.3rhel_as4_x86
OR
fujitsuinterstage_application_server_standard_jMatch8.0.3solaris
OR
fujitsuinterstage_application_server_standard_jMatch8.0.3windows
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel_as4_em64t
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel_as4_ipf
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel_as4_x86
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel5_intel64
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel5_ipf
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel5_x86
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0solaris
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0.0windows
OR
fujitsuinterstage_application_server_standard_jMatchv9.0.0awindows
OR
fujitsuinterstage_apworks_enterpriseMatch8.0.0windows
OR
fujitsuinterstage_apworks_standard_jMatch8.0.0windows
OR
fujitsuinterstage_studio_enterpriseMatch8.0.1windows
OR
fujitsuinterstage_studio_enterpriseMatchv9.0.0windows
OR
fujitsuinterstage_studio_standard_jMatch8.0.1windows
OR
fujitsuinterstage_studio_standard_jMatchv9.0.0windows

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

Related for CVE-2008-1040