Lucene search

[email protected]NVD:CVE-2008-1040

HistoryFeb 27, 2008 - 7:44 p.m.

CVE-2008-1040

2008-02-2719:44:00

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON

Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI.

Affected configurations

NVD

Node

fujitsuinterstage_application_server_enterpriseMatch8.0.0rehl_as4_x86

fujitsuinterstage_application_server_enterpriseMatch8.0.0rhel_as4_em64t

fujitsuinterstage_application_server_enterpriseMatch8.0.0solaris

fujitsuinterstage_application_server_enterpriseMatch8.0.0windows

fujitsuinterstage_application_server_enterpriseMatch8.0.1windows

fujitsuinterstage_application_server_enterpriseMatch8.0.2rhel_as4_em64t

fujitsuinterstage_application_server_enterpriseMatch8.0.2rhel_as4_x86

fujitsuinterstage_application_server_enterpriseMatch8.0.2solaris

fujitsuinterstage_application_server_enterpriseMatch8.0.2windows

fujitsuinterstage_application_server_enterpriseMatch8.0.3rhel_as4_em64t

fujitsuinterstage_application_server_enterpriseMatch8.0.3rhel_as4_x86

fujitsuinterstage_application_server_enterpriseMatch8.0.3solaris

fujitsuinterstage_application_server_enterpriseMatch8.0.3windows

fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel_as4_em64t

fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel_as4_ipf

fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel_as4_x86

fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel5_intel64

fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel5_ipf

fujitsuinterstage_application_server_enterpriseMatchv9.0.0rhel5_x86

fujitsuinterstage_application_server_enterpriseMatchv9.0.0solaris

fujitsuinterstage_application_server_enterpriseMatchv9.0.0windows

fujitsuinterstage_application_server_enterpriseMatchv9.0.0arhel_as4_ipf

fujitsuinterstage_application_server_enterpriseMatchv9.0.0arhel5_ipf

fujitsuinterstage_application_server_enterpriseMatchv9.0.0awindows

fujitsuinterstage_application_server_standard_jMatch8.0.0rhel_as4_em64t

fujitsuinterstage_application_server_standard_jMatch8.0.0rhel_as4_x86

fujitsuinterstage_application_server_standard_jMatch8.0.0solaris

fujitsuinterstage_application_server_standard_jMatch8.0.0windows

fujitsuinterstage_application_server_standard_jMatch8.0.2rhel_as4_em64t

fujitsuinterstage_application_server_standard_jMatch8.0.2rhel_as4_x86

fujitsuinterstage_application_server_standard_jMatch8.0.2solaris

fujitsuinterstage_application_server_standard_jMatch8.0.2windows

fujitsuinterstage_application_server_standard_jMatch8.0.3rhel_as4_em64t

fujitsuinterstage_application_server_standard_jMatch8.0.3rhel_as4_x86

fujitsuinterstage_application_server_standard_jMatch8.0.3solaris

fujitsuinterstage_application_server_standard_jMatch8.0.3windows

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel_as4_em64t

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel_as4_ipf

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel_as4_x86

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel5_intel64

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel5_ipf

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0rhel5_x86

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0solaris

fujitsuinterstage_application_server_standard_jMatchv9.0.0.0windows

fujitsuinterstage_application_server_standard_jMatchv9.0.0awindows

fujitsuinterstage_apworks_enterpriseMatch8.0.0windows

fujitsuinterstage_apworks_standard_jMatch8.0.0windows

fujitsuinterstage_studio_enterpriseMatch8.0.1windows

fujitsuinterstage_studio_enterpriseMatchv9.0.0windows

fujitsuinterstage_studio_standard_jMatch8.0.1windows

fujitsuinterstage_studio_standard_jMatchv9.0.0windows

References

secunia.com/advisories/29088

www.fujitsu.com/global/support/software/security/products-f/interstage-200804e.html

www.securityfocus.com/bid/27966

www.vupen.com/english/advisories/2008/0662

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON

Related for NVD:CVE-2008-1040

prion1 cvelist1 cve1