FKIE_CVE-2008-5647

Vulnerability from fkie_nvd - Published: 2008-12-17 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors.
References
cve@mitre.orghttp://secunia.com/advisories/32652Vendor Advisory
cve@mitre.orghttp://trac.edgewall.org/wiki/ChangeLog
cve@mitre.orghttp://www.securityfocus.com/bid/32226
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/3080
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/46491
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32652Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://trac.edgewall.org/wiki/ChangeLog
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/32226
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3080
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/46491
Impacted products
Vendor Product Version
trac trac *
trac trac *
trac trac 0.5
trac trac 0.5.1
trac trac 0.5.2
trac trac 0.6
trac trac 0.6.1
trac trac 0.7
trac trac 0.7.1
trac trac 0.8
trac trac 0.8.1
trac trac 0.8.2
trac trac 0.8.3
trac trac 0.8.4
trac trac 0.9
trac trac 0.9
trac trac 0.9
trac trac 0.9.1
trac trac 0.9.2
trac trac 0.9.3
trac trac 0.9.4
trac trac 0.9.5
trac trac 0.9.6
trac trac 0.10
trac trac 0.10.1
trac trac 0.10.2
trac trac 0.10.3
trac trac 0.10.3.1
trac trac 0.10.4
trac trac 0.10.5
trac trac 0.11
trac trac 0.11.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trac:trac:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E0ADC7E-AE8D-467D-AAD4-CFBCB2402E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4D3A263-EA90-4550-8049-BB770C9CC681",
              "versionEndIncluding": "0.11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C99624-9190-42FF-BDE9-A7A5938EDECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "04F968D4-9691-4ED1-A412-7DF43898863C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE1121C-5E38-4811-A9BA-3122EF00941D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF9D8496-03C6-4C9E-9511-B32EE1AD6E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF4AC75E-2EE6-4333-9AA5-B26571CA86AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A370F182-C0BF-4E53-81B5-57E03974FA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C37AA14-7184-4FFC-BEDE-B567EE315E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "661C665F-A7F1-4631-B232-1DC9A2635E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9710175D-AB7F-4416-9BD6-DD9BD9D0D322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3829D131-F1DB-426E-82C9-C39CBC1D8164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9410D67A-6338-4076-AF88-9DFAB701E1FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9239A5E2-62D4-4100-BA88-B114FE5944F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "39206222-52BA-49B3-B2D8-1AFB247AA05F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9:b1:*:*:*:*:*:*",
              "matchCriteriaId": "BF8C0FF0-98FF-463F-B9F0-B26DC587CE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9:b2:*:*:*:*:*:*",
              "matchCriteriaId": "ED00A360-A4BD-44A9-BF88-A81257CF5E3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEEE9CAF-6A17-4B68-988B-2EA0183FC45E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0E4289-9154-4547-8DAA-51536706EFE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7836864F-1F39-479A-99D0-A00247711FB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D2B12D-3479-435C-BF76-158C4152C548",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9AC7C92-2D82-470E-A04A-5C2B5AAA8CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "87EB909D-2F50-456E-9339-31617A9FC64E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "351C68FA-9A8E-4E65-BD8E-44F5BBDAFE8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B67191-EBC8-4679-9434-9AF56E9151B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA90857B-FA3A-4DD8-A20D-04837CCFFF77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3012B1CE-686F-4F0E-BCB2-790D7C30D257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F826915A-400C-4DC8-83A3-6EC158ACE0D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E1B93B-A614-45FA-8158-538213B8E441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB1EA1E-C8FC-4463-B48A-22A6CEB1E76D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E33E8D3-578A-4B4F-8696-FEE41B5947DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trac:trac:0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5835EE6F-06BE-49D9-BDDC-A347E0683EF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el filtro HTML sanitizer de Trac anterior a 0.11.2, permite a los atacantes dirigir ataques de phishing a trav\u00e9s de vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2008-5647",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-12-17T18:30:01.140",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32652"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://trac.edgewall.org/wiki/ChangeLog"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/32226"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/3080"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://trac.edgewall.org/wiki/ChangeLog"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/32226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/3080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46491"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.