Lucene search
Ubuntu.comUB:CVE-2008-1687HistoryApr 09, 2008 - 12:00 a.m.
CVE-2008-1687
2008-04-0900:00:00
ubuntu.com
ubuntu.com
10
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.3%
The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11
do not quote their output when a file is created, which might allow
context-dependent attackers to trigger a macro expansion, leading to
unspecified use of an incorrect filename.
Related
debiancve
debiancve
CVE-2008-1687
2008-04-09 19:05:00
prion
prion
Code injection
2008-04-09 19:05:00
cve
cve
CVE-2008-1687
2008-04-09 19:05:00
nessus
nessus
openvas
openvas
Slackware: Security Advisory (SSA:2008-098-01)
2012-09-10 00:00:00
Slackware Advisory SSA:2008-098-01 m4
2012-09-11 00:00:00
slackware
slackware
[slackware-security] m4
2008-04-07 18:50:07
seebug
seebug
GNU m4格式串及文件名引用漏洞
2008-04-13 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.3%
Related for UB:CVE-2008-1687