Lucene search

[email protected]NVD:CVE-2008-0506

HistoryJan 31, 2008 - 8:00 p.m.

CVE-2008-0506

2008-01-3120:00:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.963

Percentile

99.6%

JSON

include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.

Affected configurations

Nvd

Node

copperminecoppermine_photo_galleryRange≤1.4.14

VendorProductVersionCPE
copperminecoppermine_photo_gallery*cpe:2.3:a:coppermine:coppermine_photo_gallery:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
coppermine	coppermine_photo_gallery	*	cpe:2.3:a:coppermine:coppermine_photo_gallery::::::::

References

coppermine-gallery.net/forum/index.php?topic=50103.0

secunia.com/advisories/28682

www.securityfocus.com/archive/1/487310/100/200/threaded

www.securityfocus.com/bid/27512

www.securitytracker.com/id?1019286

www.vupen.com/english/advisories/2008/0367

www.waraxe.us/advisory-65.html

www.exploit-db.com/exploits/5019

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.963

Percentile

99.6%

JSON

Related for NVD:CVE-2008-0506

metasploit1 nessus2 canvas1 cve1 cvelist1 exploitdb1 packetstorm1 prion1 openvas2 freebsd1