Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-1066
HistoryFeb 28, 2008 - 12:00 a.m.

CVE-2008-1066

2008-02-2800:00:00
ubuntu.com
ubuntu.com
10

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.8%

JSON

The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by
Serendipity (S9Y) and other products, allows attackers to call arbitrary
PHP functions via templates, related to a ‘\0’ character in a search
string.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchsmarty< 2.6.11-1ubuntu0.1UNKNOWN
ubuntu6.10noarchsmarty< 2.6.14-1ubuntu0.6.10.1UNKNOWN
ubuntu7.04noarchsmarty< 2.6.14-1ubuntu0.7.04.1UNKNOWN
ubuntu7.10noarchsmarty< 2.6.18-1ubuntu2.1UNKNOWN

Related

fedora 3
nessus 7
securityvulns 3
openvas 12
altlinux 2
gentoo 2
prion 1
cve 1
redhatcve 1
debian 1
fedora
fedora
[SECURITY] Fedora 8 Update: gallery2-2.2.4-3.fc8
2008-04-17 03:53:35
[SECURITY] Fedora 7 Update: gallery2-2.2.4-3.fc7
2008-04-17 03:57:05
[SECURITY] Fedora 8 Update: php-pear-PhpDocumentor-1.4.1-2.fc8
2008-03-26 17:10:33
nessus
nessus
Debian DSA-1520-1 : smarty - insufficient input sanitising
2008-03-17 00:00:00
Fedora 8 : php-pear-PhpDocumentor-1.4.1-2.fc8 (2008-2656)
2008-03-28 00:00:00
openSUSE 10 Security Update : moodle (moodle-5109)
2008-03-21 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution
2008-03-17 00:00:00
[ GLSA 201111-04 ] phpDocumentor: Function call injection
2011-11-21 00:00:00
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2008-03-17 00:00:00
openvas
openvas
Fedora Update for gallery2 FEDORA-2008-2587
2009-02-16 00:00:00
Fedora Update for gallery2 FEDORA-2008-2650
2009-02-16 00:00:00
Fedora Update for php-pear-PhpDocumentor FEDORA-2008-2656
2009-02-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package smarty version 2.6.19-alt1
2008-03-12 00:00:00
Security fix for the ALT Linux 6 package smarty version 2.6.19-alt1
2008-03-12 00:00:00
gentoo
gentoo
phpDocumentor: Function call injection
2011-11-11 00:00:00
Smarty: Multiple vulnerabilities
2010-06-02 00:00:00
prion
prion
Spoofing
2008-02-28 20:44:00
cve
cve
CVE-2008-1066
2008-02-28 20:44:00
redhatcve
redhatcve
CVE-2008-1066
2019-10-04 21:51:22
debian
debian
[SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution
2008-03-16 11:37:01

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.8%

JSON
Related for UB:CVE-2008-1066
fedora3nessus7securityvulns3openvas12altlinux2gentoo2prion1cve1redhatcve1debian1