Lucene search

MitreCVE-2008-7205

HistorySep 11, 2009 - 4:30 p.m.

CVE-2008-7205

2009-09-1116:30:00

CWE-20

mitre

web.nvd.nist.gov

cve-2008-7205

vulnerability

virtuemart

remote attack

arbitrary files

template file

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.2%

JSON

Unspecified vulnerability in the product view functionality in VirtueMart 1.0.13a and earlier allows remote attackers to read arbitrary files via vectors related to a template file.

Affected configurations

Nvd

Node

virtuemartvirtuemartRange≤1.0.13a

virtuemartvirtuemartMatch1.0.0

virtuemartvirtuemartMatch1.0.7

virtuemartvirtuemartMatch1.0.8

virtuemartvirtuemartMatch1.0.9

virtuemartvirtuemartMatch1.0.10

virtuemartvirtuemartMatch1.0.11

virtuemartvirtuemartMatch1.0.12

virtuemartvirtuemartMatch1.1

VendorProductVersionCPE
virtuemartvirtuemart*cpe:2.3:a:virtuemart:virtuemart:*:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.0cpe:2.3:a:virtuemart:virtuemart:1.0.0:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.7cpe:2.3:a:virtuemart:virtuemart:1.0.7:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.8cpe:2.3:a:virtuemart:virtuemart:1.0.8:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.9cpe:2.3:a:virtuemart:virtuemart:1.0.9:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.10cpe:2.3:a:virtuemart:virtuemart:1.0.10:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.11cpe:2.3:a:virtuemart:virtuemart:1.0.11:*:*:*:*:*:*:*
virtuemartvirtuemart1.0.12cpe:2.3:a:virtuemart:virtuemart:1.0.12:*:*:*:*:*:*:*
virtuemartvirtuemart1.1cpe:2.3:a:virtuemart:virtuemart:1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
virtuemart	virtuemart	*	cpe:2.3:a:virtuemart:virtuemart::::::::
virtuemart	virtuemart	1.0.0	cpe:2.3:a:virtuemart:virtuemart:1.0.0:::::::*
virtuemart	virtuemart	1.0.7	cpe:2.3:a:virtuemart:virtuemart:1.0.7:::::::*
virtuemart	virtuemart	1.0.8	cpe:2.3:a:virtuemart:virtuemart:1.0.8:::::::*
virtuemart	virtuemart	1.0.9	cpe:2.3:a:virtuemart:virtuemart:1.0.9:::::::*
virtuemart	virtuemart	1.0.10	cpe:2.3:a:virtuemart:virtuemart:1.0.10:::::::*
virtuemart	virtuemart	1.0.11	cpe:2.3:a:virtuemart:virtuemart:1.0.11:::::::*
virtuemart	virtuemart	1.0.12	cpe:2.3:a:virtuemart:virtuemart:1.0.12:::::::*
virtuemart	virtuemart	1.1	cpe:2.3:a:virtuemart:virtuemart:1.1:::::::*

References

osvdb.org/41761

secunia.com/advisories/28722

virtuemart.net/index.php?option=com_content&task=view&id=275&Itemid=127

www.securityfocus.com/bid/27532

exchange.xforce.ibmcloud.com/vulnerabilities/40114

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.2%

JSON

Related for CVE-2008-7205