Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2008-1687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent...

7.5CVSS5.5AI score0.0245EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.3 views

SUSE CVE-2008-1687

The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...

7.5CVSS6.9AI score0.0245EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2012/09/10 12:0 a.m.19 views

Slackware: Security Advisory (SSA:2008-098-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02957EPSS
Exploits1References2
seebug.org
seebug.org
added 2008/04/13 12:0 a.m.55 views

GNU m4格式串及文件名引用漏洞

BUGTRAQ ID: 28688 CVECAN ID: CVE-2008-1687,CVE-2008-1688 GNU M4是广泛应用的GNU宏处理器。 GNU M4的src/freeze.c文件中的producefrozenstate函数存在格式串处理漏洞,如果向m4 -F传送了特制的文件名参数的话,就可能导致执行任意指令。 GNU M4在实现maketemp和mkstemp宏时存在漏洞,如果输出字符串中包含有特殊字符的话,就可能导致处理不正确的文件。 GNU m4 1.4.10 GNU --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.5CVSS6.4AI score0.02957EPSS
Exploits1
OSV
OSV
added 2008/04/09 7:5 p.m.8 views

CVE-2008-1687

The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...

6.2AI score
Exploits0References11
CVE
CVE
added 2008/04/09 7:0 p.m.55 views

CVE-2008-1687

The CVE-2008-1687 issue affects GNU m4 up to version 1.4.10; the maketemp and mkstemp builtins do not quote their output when creating a file, which can let an attacker trigger a macro expansion and cause the program to use an incorrect filename. The root cause is unquoted output during file crea...

7.5CVSS6.2AI score0.0245EPSS
Exploits1References10Affected Software1
Debian CVE
Debian CVE
added 2008/04/09 7:0 p.m.19 views

CVE-2008-1687

The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...

7.5CVSS6.3AI score0.0245EPSS
Exploits1
Slackware Linux
Slackware Linux
added 2008/04/07 6:50 p.m.28 views

[slackware-security] m4

New m4 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-1687...

7.5CVSS6.5AI score0.02957EPSS
Exploits1
Rows per page
Query Builder