[email protected]CVE-2008-2405

HistoryJun 04, 2008 - 8:32 p.m.

CVE-2008-2405

2008-06-0420:32:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-2405

sun java

asp server

remote command execution

shell metacharacters

nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.7%

JSON

Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications.

CPENameOperatorVersion
sun:java_active_server_pagessun java active server pageseq4.0.1
sun:java_active_server_pagessun java active server pagesle4.0.2
sun:java_active_server_pagessun java active server pageseq4.0.0

CPE	Name	Operator	Version
sun:java_active_server_pages	sun java active server pages	eq	4.0.1
sun:java_active_server_pages	sun java active server pages	le	4.0.2
sun:java_active_server_pages	sun java active server pages	eq	4.0.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=709

secunia.com/advisories/30523

sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1

www.securitytracker.com/id?1020190

www.vupen.com/english/advisories/2008/1742/references

exchange.xforce.ibmcloud.com/vulnerabilities/42829

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.7%

JSON

Related for CVE-2008-2405

cvelist1 prion1 securityvulns2 nessus3