Lucene search

[email protected]CVE-2008-4188

HistorySep 23, 2008 - 5:01 p.m.

CVE-2008-4188

2008-09-2317:01:22

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-4188

typo3

kw_secdir

vulnerability

remote code execution

nvd

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.9%

JSON

Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to “injection of control characters.”

Affected configurations

NVD

Node

typo3secure_directoryRange≤1.0.1

typo3secure_directoryMatch0.1.3

typo3secure_directoryMatch1.0.0

CPENameOperatorVersion
typo3:secure_directorytypo3 secure directoryle1.0.1
typo3:secure_directorytypo3 secure directoryeq0.1.3
typo3:secure_directorytypo3 secure directoryeq1.0.0

CPE	Name	Operator	Version
typo3:secure_directory	typo3 secure directory	le	1.0.1
typo3:secure_directory	typo3 secure directory	eq	0.1.3
typo3:secure_directory	typo3 secure directory	eq	1.0.0

References

secunia.com/advisories/31897

typo3.org/extensions/repository/view/kw_secdir/1.0.2/

www.securityfocus.com/bid/31253

exchange.xforce.ibmcloud.com/vulnerabilities/45260

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.9%

JSON

Related for CVE-2008-4188

cvelist1 prion1 nvd1