cvelistv5 - cve-2008-4105

CVE-2008-4105 (GCVE-0-2008-4105)

Vulnerability from cvelistv5 – Published: 2008-09-18 17:47 – Updated: 2024-08-07 10:00

Summary

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://marc.info/?l=oss-security&m=122152798516853&w=2	mailing-listx_refsource_MLIST
	http://developer.joomla.org/security/news/271-200…	x_refsource_CONFIRM
	http://secunia.com/advisories/31789	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=oss-security&m=122115344915232&w=2	mailing-listx_refsource_MLIST
	http://securityreason.com/securityalert/4275	third-party-advisoryx_refsource_SREASON
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://marc.info/?l=oss-security&m=122118210029084&w=2	mailing-listx_refsource_MLIST
	http://securitytracker.com/id?1020843	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:00:42.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20080916 Re: CVE request: joomla \u003c 1.5.7",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
          },
          {
            "name": "31789",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31789"
          },
          {
            "name": "[oss-security] 20080911 CVE request: joomla \u003c 1.5.7",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
          },
          {
            "name": "4275",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4275"
          },
          {
            "name": "joomla-jrequest-command-execution(45069)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
          },
          {
            "name": "[oss-security] 20080911 CVE request for Joomla multiple vuln.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
          },
          {
            "name": "1020843",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020843"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20080916 Re: CVE request: joomla \u003c 1.5.7",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
        },
        {
          "name": "31789",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31789"
        },
        {
          "name": "[oss-security] 20080911 CVE request: joomla \u003c 1.5.7",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
        },
        {
          "name": "4275",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4275"
        },
        {
          "name": "joomla-jrequest-command-execution(45069)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
        },
        {
          "name": "[oss-security] 20080911 CVE request for Joomla multiple vuln.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
        },
        {
          "name": "1020843",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020843"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4105",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20080916 Re: CVE request: joomla \u003c 1.5.7",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
            },
            {
              "name": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html",
              "refsource": "CONFIRM",
              "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
            },
            {
              "name": "31789",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31789"
            },
            {
              "name": "[oss-security] 20080911 CVE request: joomla \u003c 1.5.7",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
            },
            {
              "name": "4275",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4275"
            },
            {
              "name": "joomla-jrequest-command-execution(45069)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
            },
            {
              "name": "[oss-security] 20080911 CVE request for Joomla multiple vuln.",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
            },
            {
              "name": "1020843",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020843"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4105",
    "datePublished": "2008-09-18T17:47:00",
    "dateReserved": "2008-09-15T00:00:00",
    "dateUpdated": "2024-08-07T10:00:42.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2017D307-89B3-4D94-A266-C7D8D45960A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CCDBF4D-A797-4828-A084-8C775FA94BDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB1B7CF2-B717-4F37-A923-0E188FF3C47F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBA35EF1-1F8C-4AEA-89A0-3C1DD2DFBFE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3333C204-A022-4B53-B61F-3C5601F21FC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2752717-AA95-4398-8091-24FD5925C4F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:joomla:joomla:1.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7B3B3FB-E67D-4D9A-BE01-855FA2545772\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \\\"variable injection\\\" attacks and have unspecified other impact.\"}, {\"lang\": \"es\", \"value\": \"JRequest en Joomla! 1.5 y versiones anteriores a 1.5.7 limpia correctamente variable establecidas con JRequest::setVar, el cual permite a los atacante remotos realizar un ataque de \\\"inyecci\\u00f3n de variable\\\" y tiene otras consecuencias no especificadas.\"}]",
      "id": "CVE-2008-4105",
      "lastModified": "2024-11-21T00:50:54.693",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2008-09-18T17:59:32.983",
      "references": "[{\"url\": \"http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/31789\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityreason.com/securityalert/4275\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1020843\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/45069\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31789\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityreason.com/securityalert/4275\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1020843\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/45069\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-4105\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-09-18T17:59:32.983\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \\\"variable injection\\\" attacks and have unspecified other impact.\"},{\"lang\":\"es\",\"value\":\"JRequest en Joomla! 1.5 y versiones anteriores a 1.5.7 limpia correctamente variable establecidas con JRequest::setVar, el cual permite a los atacante remotos realizar un ataque de \\\"inyecci\u00f3n de variable\\\" y tiene otras consecuencias no especificadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2017D307-89B3-4D94-A266-C7D8D45960A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CCDBF4D-A797-4828-A084-8C775FA94BDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB1B7CF2-B717-4F37-A923-0E188FF3C47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBA35EF1-1F8C-4AEA-89A0-3C1DD2DFBFE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3333C204-A022-4B53-B61F-3C5601F21FC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2752717-AA95-4398-8091-24FD5925C4F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla:1.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B3B3FB-E67D-4D9A-BE01-855FA2545772\"}]}]}],\"references\":[{\"url\":\"http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31789\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/4275\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1020843\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45069\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31789\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/4275\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1020843\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45069\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2008-AVI-456

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectent le logiciel Joomla!. Elles permettent de contourner la politique de sécurité ou de porter atteinte à l'intégrité des données.

Description

Une vulnérabilité dans JRequest permet de modifier des variables et, par exemple, d'injecter des caractères non désirés.

Un défaut dans le générateur de nombres aléatoires permet de deviner les mots de passe et les jetons créés par l'application.

Deux vulnérabilités permettent l'envoi de pourriel et la redirection vers des sites malveillants.

Solution

La version 1.5.7 corrige ces problèmes.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Joomla! version 1.5.6 et versions précédentes.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité Joomla! du 09 septembre 2008	None	vendor-advisory
Site du projet Joomla! :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eJoomla! version 1.5.6 et versions  pr\u00e9c\u00e9dentes.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans JRequest permet de modifier des variables et, par\nexemple, d\u0027injecter des caract\u00e8res non d\u00e9sir\u00e9s.\n\nUn d\u00e9faut dans le g\u00e9n\u00e9rateur de nombres al\u00e9atoires permet de deviner les\nmots de passe et les jetons cr\u00e9\u00e9s par l\u0027application.\n\nDeux vuln\u00e9rabilit\u00e9s permettent l\u0027envoi de pourriel et la redirection\nvers des sites malveillants.\n\n## Solution\n\nLa version 1.5.7 corrige ces probl\u00e8mes.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4103"
    },
    {
      "name": "CVE-2008-4104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4104"
    },
    {
      "name": "CVE-2008-4102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4102"
    },
    {
      "name": "CVE-2008-4105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4105"
    }
  ],
  "links": [
    {
      "title": "Site du projet Joomla! :",
      "url": "http://www.joomla.org"
    }
  ],
  "reference": "CERTA-2008-AVI-456",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-09-11T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences CVE.",
      "revision_date": "2008-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent le logiciel Joomla!. Elles permettent\nde contourner la politique de s\u00e9curit\u00e9 ou de porter atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de Joomla!",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Joomla! du 09 septembre 2008",
      "url": "http://developer.joomla.org/security/news/274-20080904-core-redirect-spam.html"
    }
  ]
}

CERTA-2008-AVI-456

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités affectent le logiciel Joomla!. Elles permettent de contourner la politique de sécurité ou de porter atteinte à l'intégrité des données.

Description

Une vulnérabilité dans JRequest permet de modifier des variables et, par exemple, d'injecter des caractères non désirés.

Un défaut dans le générateur de nombres aléatoires permet de deviner les mots de passe et les jetons créés par l'application.

Deux vulnérabilités permettent l'envoi de pourriel et la redirection vers des sites malveillants.

Solution

La version 1.5.7 corrige ces problèmes.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Joomla! version 1.5.6 et versions précédentes.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité Joomla! du 09 septembre 2008	None	vendor-advisory
Site du projet Joomla! :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eJoomla! version 1.5.6 et versions  pr\u00e9c\u00e9dentes.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans JRequest permet de modifier des variables et, par\nexemple, d\u0027injecter des caract\u00e8res non d\u00e9sir\u00e9s.\n\nUn d\u00e9faut dans le g\u00e9n\u00e9rateur de nombres al\u00e9atoires permet de deviner les\nmots de passe et les jetons cr\u00e9\u00e9s par l\u0027application.\n\nDeux vuln\u00e9rabilit\u00e9s permettent l\u0027envoi de pourriel et la redirection\nvers des sites malveillants.\n\n## Solution\n\nLa version 1.5.7 corrige ces probl\u00e8mes.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4103"
    },
    {
      "name": "CVE-2008-4104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4104"
    },
    {
      "name": "CVE-2008-4102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4102"
    },
    {
      "name": "CVE-2008-4105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4105"
    }
  ],
  "links": [
    {
      "title": "Site du projet Joomla! :",
      "url": "http://www.joomla.org"
    }
  ],
  "reference": "CERTA-2008-AVI-456",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-09-11T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences CVE.",
      "revision_date": "2008-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent le logiciel Joomla!. Elles permettent\nde contourner la politique de s\u00e9curit\u00e9 ou de porter atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de Joomla!",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Joomla! du 09 septembre 2008",
      "url": "http://developer.joomla.org/security/news/274-20080904-core-redirect-spam.html"
    }
  ]
}

FKIE_CVE-2008-4105

Vulnerability from fkie_nvd - Published: 2008-09-18 17:59 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html
	cve@mitre.org	http://marc.info/?l=oss-security&m=122115344915232&w=2
	cve@mitre.org	http://marc.info/?l=oss-security&m=122118210029084&w=2
	cve@mitre.org	http://marc.info/?l=oss-security&m=122152798516853&w=2
	cve@mitre.org	http://secunia.com/advisories/31789
	cve@mitre.org	http://securityreason.com/securityalert/4275
	cve@mitre.org	http://securitytracker.com/id?1020843
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45069
	af854a3a-2127-422b-91ae-364da2661108	http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=oss-security&m=122115344915232&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=oss-security&m=122118210029084&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=oss-security&m=122152798516853&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31789
	af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/4275
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020843
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45069

Impacted products

Vendor	Product	Version
joomla	joomla	1.5
joomla	joomla	1.5.1
joomla	joomla	1.5.2
joomla	joomla	1.5.3
joomla	joomla	1.5.4
joomla	joomla	1.5.5
joomla	joomla	1.5.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2017D307-89B3-4D94-A266-C7D8D45960A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CCDBF4D-A797-4828-A084-8C775FA94BDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB1B7CF2-B717-4F37-A923-0E188FF3C47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA35EF1-1F8C-4AEA-89A0-3C1DD2DFBFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3333C204-A022-4B53-B61F-3C5601F21FC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2752717-AA95-4398-8091-24FD5925C4F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:joomla:joomla:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7B3B3FB-E67D-4D9A-BE01-855FA2545772",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact."
    },
    {
      "lang": "es",
      "value": "JRequest en Joomla! 1.5 y versiones anteriores a 1.5.7 limpia correctamente variable establecidas con JRequest::setVar, el cual permite a los atacante remotos realizar un ataque de \"inyecci\u00f3n de variable\" y tiene otras consecuencias no especificadas."
    }
  ],
  "id": "CVE-2008-4105",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-18T17:59:32.983",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31789"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/4275"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1020843"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2008-4105

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-4105

Aliases

CVE-2008-4105

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-4105",
    "description": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact.",
    "id": "GSD-2008-4105"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-4105"
      ],
      "details": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact.",
      "id": "GSD-2008-4105",
      "modified": "2023-12-13T01:22:59.987294Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-4105",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[oss-security] 20080916 Re: CVE request: joomla \u003c 1.5.7",
            "refsource": "MLIST",
            "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
          },
          {
            "name": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html",
            "refsource": "CONFIRM",
            "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
          },
          {
            "name": "31789",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31789"
          },
          {
            "name": "[oss-security] 20080911 CVE request: joomla \u003c 1.5.7",
            "refsource": "MLIST",
            "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
          },
          {
            "name": "4275",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/4275"
          },
          {
            "name": "joomla-jrequest-command-execution(45069)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
          },
          {
            "name": "[oss-security] 20080911 CVE request for Joomla multiple vuln.",
            "refsource": "MLIST",
            "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
          },
          {
            "name": "1020843",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020843"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:joomla:joomla:1.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4105"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
            },
            {
              "name": "[oss-security] 20080911 CVE request for Joomla multiple vuln.",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
            },
            {
              "name": "[oss-security] 20080911 CVE request: joomla \u003c 1.5.7",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
            },
            {
              "name": "[oss-security] 20080916 Re: CVE request: joomla \u003c 1.5.7",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
            },
            {
              "name": "1020843",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020843"
            },
            {
              "name": "4275",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/4275"
            },
            {
              "name": "31789",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31789"
            },
            {
              "name": "joomla-jrequest-command-execution(45069)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:32Z",
      "publishedDate": "2008-09-18T17:59Z"
    }
  }
}

GHSA-HVCX-QQG5-776H

Vulnerability from github – Published: 2022-05-02 00:06 – Updated: 2022-05-02 00:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-4105"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-18T17:59:00Z",
    "severity": "HIGH"
  },
  "details": "JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct \"variable injection\" attacks and have unspecified other impact.",
  "id": "GHSA-hvcx-qqg5-776h",
  "modified": "2022-05-02T00:06:49Z",
  "published": "2022-05-02T00:06:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4105"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45069"
    },
    {
      "type": "WEB",
      "url": "http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=oss-security\u0026m=122115344915232\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=oss-security\u0026m=122118210029084\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=oss-security\u0026m=122152798516853\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31789"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4275"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020843"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-4105 (GCVE-0-2008-4105)

CERTA-2008-AVI-456

Description

Solution

CERTA-2008-AVI-456

Description

Solution

FKIE_CVE-2008-4105

GSD-2008-4105

GHSA-HVCX-QQG5-776H

Tags

Sightings

Nomenclature