CVE-2008-2064

Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222	Patch
http://www.securityfocus.com/bid/28978
http://secunia.com/advisories/29989	Vendor Advisory
http://www.debian.org/security/2008/dsa-1580	Patch
http://secunia.com/advisories/30256	Vendor Advisory
http://www.phpgedview.net/	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42085

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:phpgedview:phpgedview:0.6:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.12:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.13:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.50:::::::*
	cpe:2.3:a:phpgedview:phpgedview:4.1.1:::::::*
	cpe:2.3:a:phpgedview:phpgedview:4.1.3:::::::*
	cpe:2.3:a:phpgedview:phpgedview:1.1:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:3.3.8:::::::*
	cpe:2.3:a:phpgedview:phpgedview:4.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:0.8:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.65:::::::*
	cpe:2.3:a:phpgedview:phpgedview:1.04:::::::*
	cpe:2.3:a:phpgedview:phpgedview:3.2:::::::*
	cpe:2.3:a:phpgedview:phpgedview:1.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.60:::::::*
	cpe:2.3:a:phpgedview:phpgedview::::::::
	cpe:2.3:a:phpgedview:phpgedview:0.95:::::::*
	cpe:2.3:a:phpgedview:phpgedview:3.0:::::::*

Information

Published : 2008-05-02 16:20

Updated : 2017-08-07 18:30

NVD link : CVE-2008-2064

Mitre link : CVE-2008-2064

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

phpgedview

phpgedview

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222", "name": "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/28978", "name": "28978", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/29989", "name": "29989", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2008/dsa-1580", "name": "DSA-1580", "tags": ["Patch"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/30256", "name": "30256", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.phpgedview.net/", "name": "http://www.phpgedview.net/", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42085", "name": "phpgedview-unspecified-code-execution(42085)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to \"a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-2064", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": true, "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-05-02T23:20Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:2.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:2.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:2.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:4.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:3.3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:2.65:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:1.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:2.60:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.1.4"}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:0.95:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phpgedview:phpgedview:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:30Z"}