var-200908-0093
Vulnerability from variot
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information. ZoneAlarm Security Suite is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input when performing virus scans on long directory paths.
Remote attackers may leverage this issue to execute arbitrary code with SYSTEM-level privileges and gain complete access to the vulnerable computer. Failed attacks will cause denial-of-service conditions.
This issue affects ZoneAlarm Security Suite 7.0.483.000; other versions may also be affected. ZoneAlarm is a personal computer firewall that protects personal data and privacy.
TITLE: ZoneAlarm Internet Security Suite "multiscan.exe" Buffer Overflow
SECUNIA ADVISORY ID: SA31832
VERIFY ADVISORY: http://secunia.com/advisories/31832/
CRITICAL: Less critical
IMPACT: System access
WHERE: From remote
SOFTWARE:
ZoneAlarm Internet Security Suite 8.x http://secunia.com/advisories/product/19816/
ZoneAlarm Internet Security Suite 7.x http://secunia.com/advisories/product/19815/
DESCRIPTION: Juan Pablo Lopez Yacubian has discovered a vulnerability in ZoneAlarm Internet Security Suite, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in multiscan.exe when processing input from files passed via the "-f" command line parameter. This can be exploited to cause a buffer overflow by e.g. tricking a user into scanning a file or directory with a specially crafted name via the "Scan with ZoneAlarm Anti-virus" shell extension.
Successful exploitation may allow the execution of arbitrary code.
The vulnerability is confirmed in versions 7.0.483.000 and 8.0.020.000.
SOLUTION: A solution is not available.
PROVIDED AND/OR DISCOVERED BY: Juan Pablo Lopez Yacubian
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200908-0093", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "zonealarm", "scope": "eq", "trust": 1.6, "vendor": "checkpoint", "version": "7.0.483.000" }, { "model": "zonealarm", "scope": "eq", "trust": 1.6, "vendor": "checkpoint", "version": "8.0.020.000" }, { "model": "zonealarm", "scope": "eq", "trust": 0.8, "vendor": "check point", "version": 
"7.0.483.000 and 8.0.020.000" }, { "model": "labs zonealarm internet security suite", "scope": "eq", "trust": 0.3, "vendor": "zone", "version": "7.0" } ], "sources": [ { "db": "BID", "id": "31124" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "NVD", "id": "CVE-2008-7009" }, { "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:checkpoint:zonealarm:7.0.483.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:checkpoint:zonealarm:8.0.020.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2008-7009" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Juan Pablo Lopez Yacubian\u203b jplopezy@gmail.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200908-264" } ], "trust": 0.6 }, "cve": "CVE-2008-7009", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ 
{ "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 6.9, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2008-7009", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-37134", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2008-7009", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-200908-264", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-37134", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-37134" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "NVD", "id": "CVE-2008-7009" }, { "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": 
{ "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information. ZoneAlarm Security Suite is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input when performing virus scans on long directory paths. \nRemote attackers may leverage this issue to execute arbitrary code with SYSTEM-level privileges and gain complete access to the vulnerable computer. Failed attacks will cause denial-of-service conditions. \nThis issue affects ZoneAlarm Security Suite 7.0.483.000; other versions may also be affected. ZoneAlarm is a personal computer firewall that protects personal data and privacy. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nZoneAlarm Internet Security Suite \"multiscan.exe\" Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA31832\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/31832/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nZoneAlarm Internet Security Suite 8.x\nhttp://secunia.com/advisories/product/19816/\nZoneAlarm Internet Security Suite 7.x\nhttp://secunia.com/advisories/product/19815/\n\nDESCRIPTION:\nJuan Pablo Lopez Yacubian has discovered a vulnerability in ZoneAlarm\nInternet Security Suite, which can be exploited by malicious people to\ncompromise a user\u0027s system. 
\n\nThe vulnerability is caused due to a boundary error in multiscan.exe\nwhen processing input from files passed via the \"-f\" command line\nparameter. This can be exploited to cause a buffer overflow by e.g. \ntricking a user into scanning a file or directory with a specially\ncrafted name via the \"Scan with ZoneAlam Anti-virus\" shell\nextension. \n\nSuccessful exploitation may allow the execution of arbitrary code. \n\nThe vulnerability is confirmed in version 7.0.483.000 and\n8.0.020.000. \n\nSOLUTION:\nA solution is not available. \n\nPROVIDED AND/OR DISCOVERED BY:\nJuan Pablo Lopez Yacubian\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2008-7009" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "BID", "id": "31124" }, { "db": "VULHUB", "id": "VHN-37134" }, { "db": "PACKETSTORM", "id": "69915" } ], "trust": 2.07 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-37134", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-37134" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2008-7009", "trust": 2.8 }, { "db": "BID", "id": "31124", "trust": 2.0 }, { "db": "SECUNIA", "id": "31832", "trust": 1.8 }, { "db": "OSVDB", "id": "48097", "trust": 1.7 }, { "db": "SECTRACK", "id": "1020859", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-2556", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2009-003086", "trust": 0.8 }, { "db": "XF", "id": "45082", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20080911 ZONEALARM SECURITY SUITE BUFFER OVERFLOW", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200908-264", "trust": 0.6 }, { "db": "SEEBUG", "id": "SSVID-85650", "trust": 0.1 }, { "db": "EXPLOIT-DB", "id": "32356", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-37134", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "69915", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-37134" }, { "db": 
"BID", "id": "31124" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "PACKETSTORM", "id": "69915" }, { "db": "NVD", "id": "CVE-2008-7009" }, { "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "id": "VAR-200908-0093", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-37134" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:25:24.030000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.checkpoint.com/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-003086" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-37134" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "NVD", "id": "CVE-2008-7009" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.securityfocus.com/bid/31124" }, { "trust": 1.7, "url": "http://osvdb.org/48097" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id?1020859" }, { "trust": 1.7, "url": "http://secunia.com/advisories/31832" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/2556" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/496226/100/0/threaded" }, { "trust": 1.1, "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/45082" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-7009" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-7009" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/45082" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/496226/100/0/threaded" }, { "trust": 0.3, "url": "http://www.fileden.com/files/2008/9/11/2091525/zonealarm.swf" }, { "trust": 0.3, "url": "/archive/1/496226" }, { "trust": 0.3, "url": "http://www.zonealarm.com" }, { "trust": 0.1, "url": "http://secunia.com/binary_analysis/sample_analysis/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/31832/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/product/19815/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/product/19816/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-37134" }, { "db": "BID", "id": "31124" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "PACKETSTORM", "id": "69915" }, { "db": "NVD", "id": "CVE-2008-7009" }, { "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-37134" }, { "db": "BID", "id": "31124" }, { "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "db": "PACKETSTORM", "id": "69915" }, { "db": "NVD", "id": "CVE-2008-7009" }, { "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-08-19T00:00:00", "db": "VULHUB", 
"id": "VHN-37134" }, { "date": "2008-09-11T00:00:00", "db": "BID", "id": "31124" }, { "date": "2012-06-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "date": "2008-09-12T19:47:57", "db": "PACKETSTORM", "id": "69915" }, { "date": "2009-08-19T10:30:00.517000", "db": "NVD", "id": "CVE-2008-7009" }, { "date": "2008-09-11T00:00:00", "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-11T00:00:00", "db": "VULHUB", "id": "VHN-37134" }, { "date": "2015-05-07T17:24:00", "db": "BID", "id": "31124" }, { "date": "2012-06-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-003086" }, { "date": "2018-10-11T20:58:01.550000", "db": "NVD", "id": "CVE-2008-7009" }, { "date": "2009-08-19T00:00:00", "db": "CNNVD", "id": "CNNVD-200908-264" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-200908-264" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Check Point ZoneAlarm Security Suite of multiscan.exe Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-003086" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200908-264" } ], "trust": 0.6 } }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.