Lucene search

MitreCVE-2008-3360

HistoryJul 29, 2008 - 6:41 p.m.

CVE-2008-3360

2008-07-2918:41:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-3360

html parser

buffer overflow

remote code execution

intellitamper 2.0.7

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.185

Percentile

96.2%

JSON

Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.

Affected configurations

Nvd

Node

intellitamperintellitamperMatch2.0.7

VendorProductVersionCPE
intellitamperintellitamper2.0.7cpe:2.3:a:intellitamper:intellitamper:2.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intellitamper	intellitamper	2.0.7	cpe:2.3:a:intellitamper:intellitamper:2.0.7:::::::*

References

securityreason.com/securityalert/4058

www.securityfocus.com/bid/30317

www.securitytracker.com/id?1020521

www.vupen.com/english/advisories/2008/2120/references

exchange.xforce.ibmcloud.com/vulnerabilities/43876

www.exploit-db.com/exploits/6103

www.exploit-db.com/exploits/6116

www.exploit-db.com/exploits/6121

www.exploit-db.com/exploits/6238

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.185

Percentile

96.2%

JSON

Related for CVE-2008-3360