Lucene search

K
prionPRIOn knowledge basePRION:CVE-2008-4359
HistoryOct 03, 2008 - 5:41 p.m.

Code injection

2008-10-0317:41:00
PRIOn knowledge base
www.prio-n.com
3

6.7 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data.

CPENameOperatorVersion
debian_linuxeq4.0
lighttpdlt1.4.20

References

6.7 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%