Lucene search

[email protected]NVD:CVE-2008-1638

HistoryApr 02, 2008 - 5:44 p.m.

CVE-2008-1638

2008-04-0217:44:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

Percentile

9.5%

JSON

Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for plug-in files, which allows local users to gain privileges by replacing a plug-in with a Trojan horse.

Affected configurations

Nvd

Node

nik_software_incnik_sharpener_proMatch2.0inkjet

VendorProductVersionCPE
nik_software_incnik_sharpener_pro2.0cpe:2.3:a:nik_software_inc:nik_sharpener_pro:2.0:*:inkjet:*:*:*:*:*

Vendor	Product	Version	CPE
nik_software_inc	nik_sharpener_pro	2.0	cpe:2.3:a:nik_software_inc:nik_sharpener_pro:2.0::inkjet:::::

References

secunia.com/advisories/29586

www.kb.cert.org/vuls/id/124289

www.securityfocus.com/bid/27707

exchange.xforce.ibmcloud.com/vulnerabilities/41535

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

Percentile

9.5%

JSON

Related for NVD:CVE-2008-1638

cvelist1 cve1 prion1