var-200810-0141
Vulnerability from variot
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. NOTE: This BID is being retired; the following individual records have been created to better document these issues: 31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability 31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability 31708 Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability 31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability 31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability 31711 Apple Mac OS X 'configd' EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability 31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability 31720 Apple Finder Denial of Service Vulnerability 31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability 31688 CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability 31722 Apple Mac OS X 10.5 'launchd' Unspecified Security Bypass Vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected software or to obtain SYSTEM-level privileges. Failed attempts will cause denial-of-service conditions. Local or remote attackers may exploit these vulnerabilities to cause multiple threats. Malicious files may cause Finder to terminate unexpectedly when generating icons, and Finder will continue to restart and termination. Until this file is deleted, the user account cannot be accessed through the Finder user interface.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability
SECUNIA ADVISORY ID: SA15884
VERIFY ADVISORY: http://secunia.com/advisories/15884/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/
DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA15852
SOLUTION: Update to version 2.0.5. http://sourceforge.net/project/showfiles.php?group_id=36679
OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200810-0141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.11"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "drupal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pear xml rpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpxmlrpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postnuke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "serendipity",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wordpress",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xoops",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpmyfaq",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.11"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "BID",
"id": "31711"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "regenrechtSergio AlvarezRalf Meyer",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
}
],
"trust": 0.6
},
"cve": "CVE-2008-3645",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-3645",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-33770",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-3645",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#442845",
"trust": 0.8,
"value": "20.75"
},
{
"author": "CNNVD",
"id": "CNNVD-200810-163",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-33770",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULHUB",
"id": "VHN-33770"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. \nThe security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. \nNOTE: This BID is being retired; the following individual records have been created to better document these issues:\n31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability\n31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability\n31708 Apple Mac OS X \u0027hosts.equiv\u0027 Security Bypass Vulnerability\n31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability\n31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability\n31711 Apple Mac OS X \u0027configd\u0027 EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability\n31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability\n31720 Apple Finder Denial of Service Vulnerability\n31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability\n31688 CUPS \u0027HP-GL/2\u0027 Filter Remote Code Execution Vulnerability\n31722 Apple Mac OS X 10.5 \u0027launchd\u0027 Unspecified Security Bypass Vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the affected software or to obtain SYSTEM-level privileges. Failed attempts will cause denial-of-service conditions. Local or remote attackers may exploit these vulnerabilities to cause multiple threats. Malicious files may cause Finder to terminate unexpectedly when generating icons, and Finder will continue to restart and termination. Until this file is deleted, the user account cannot be accessed through the Finder user interface. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 2.0.5. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3645"
},
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "BID",
"id": "31711"
},
{
"db": "VULHUB",
"id": "VHN-33770"
},
{
"db": "PACKETSTORM",
"id": "38390"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-3645",
"trust": 3.1
},
{
"db": "BID",
"id": "31711",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "32222",
"trust": 2.5
},
{
"db": "BID",
"id": "31681",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1021025",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2780",
"trust": 1.7
},
{
"db": "XF",
"id": "45781",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "15884",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "15810",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15922",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15852",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15855",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15861",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15862",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15872",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15883",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15895",
"trust": 0.8
},
{
"db": "BID",
"id": "14088",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014327",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#442845",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-10-09",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-33770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38390",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULHUB",
"id": "VHN-33770"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "BID",
"id": "31711"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "PACKETSTORM",
"id": "38390"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"id": "VAR-200810-0141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33770"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:33:22.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3216",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3216"
},
{
"title": "HT3216",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3216?viewlocale=ja_jp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33770"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/31711"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/32222"
},
{
"trust": 2.3,
"url": "http://support.apple.com/kb/ht3216"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/31681"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1021025"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2008/2780"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/45781"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45781"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15884/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15852/"
},
{
"trust": 0.8,
"url": "http://www.hardened-php.net/advisory-022005.php"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15861/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15862/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15895/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15883/"
},
{
"trust": 0.8,
"url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15855/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15810/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15872/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15922/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14088"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3645"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3645"
},
{
"trust": 0.6,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULHUB",
"id": "VHN-33770"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "BID",
"id": "31711"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "PACKETSTORM",
"id": "38390"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULHUB",
"id": "VHN-33770"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "BID",
"id": "31711"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"db": "PACKETSTORM",
"id": "38390"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2008-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-33770"
},
{
"date": "2008-10-09T00:00:00",
"db": "BID",
"id": "31681"
},
{
"date": "2008-10-09T00:00:00",
"db": "BID",
"id": "31711"
},
{
"date": "2008-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"date": "2005-07-01T23:31:00",
"db": "PACKETSTORM",
"id": "38390"
},
{
"date": "2007-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"date": "2008-10-10T10:30:04.967000",
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-09T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-33770"
},
{
"date": "2009-03-24T16:56:00",
"db": "BID",
"id": "31681"
},
{
"date": "2008-10-15T16:17:00",
"db": "BID",
"id": "31711"
},
{
"date": "2008-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001814"
},
{
"date": "2009-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-163"
},
{
"date": "2017-08-08T01:32:03.030000",
"db": "NVD",
"id": "CVE-2008-3645"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "31711"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-163"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.