Lucene search
RedhatCVE-2011-4337HistoryJan 29, 2012 - 11:55 a.m.
CVE-2011-4337
2012-01-2911:55:01
CWE-94
redhat
web.nvd.nist.gov
21
cve-2011-4337
static code injection
support incident tracker
sit!
remote code execution
vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.008
Percentile
81.5%
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
Affected configurations
Node
sitrackersupport_incident_trackerMatch3.6
ORsitrackersupport_incident_trackerMatch3.45
ORsitrackersupport_incident_trackerMatch3.45beta1
ORsitrackersupport_incident_trackerMatch3.50
ORsitrackersupport_incident_trackerMatch3.50beta1
ORsitrackersupport_incident_trackerMatch3.51
ORsitrackersupport_incident_trackerMatch3.60
ORsitrackersupport_incident_trackerMatch3.61
ORsitrackersupport_incident_trackerMatch3.62
ORsitrackersupport_incident_trackerMatch3.63
ORsitrackersupport_incident_trackerMatch3.63beta1
ORsitrackersupport_incident_trackerMatch3.64
ORsitrackersupport_incident_trackerMatch3.65
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sitracker | support_incident_tracker | 3.6 | cpe:2.3:a:sitracker:support_incident_tracker:3.6:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.45 | cpe:2.3:a:sitracker:support_incident_tracker:3.45:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.45 | cpe:2.3:a:sitracker:support_incident_tracker:3.45:beta1:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.50 | cpe:2.3:a:sitracker:support_incident_tracker:3.50:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.50 | cpe:2.3:a:sitracker:support_incident_tracker:3.50:beta1:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.51 | cpe:2.3:a:sitracker:support_incident_tracker:3.51:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.60 | cpe:2.3:a:sitracker:support_incident_tracker:3.60:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.61 | cpe:2.3:a:sitracker:support_incident_tracker:3.61:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.62 | cpe:2.3:a:sitracker:support_incident_tracker:3.62:*:*:*:*:*:*:* |
| sitracker | support_incident_tracker | 3.63 | cpe:2.3:a:sitracker:support_incident_tracker:3.63:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2012-01-29 11:55:00
cvelist
cvelist
CVE-2011-4337
2012-01-29 11:00:00
nvd
nvd
CVE-2011-4337
2012-01-29 11:55:01
exploitdb
exploitdb
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.008
Percentile
81.5%
Related for CVE-2011-4337