CVE-2008-1705

{"id": "CVE-2008-1705", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2008-04-09T19:05:00.000", "references": [{"url": "http://aluigi.altervista.org/adv/soliduro-adv.txt", "source": "cve@mitre.org"}, {"url": "http://aluigi.org/poc/soliduro.zip", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/29512", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1019721", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/490129/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/28468", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1038", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41485", "source": "cve@mitre.org"}, {"url": "http://aluigi.altervista.org/adv/soliduro-adv.txt", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://aluigi.org/poc/soliduro.zip", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/29512", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1019721", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/490129/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/28468", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/1038", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41485", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-134"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields."}, {"lang": "es", "value": "Vulnerabilidad de cadena de formato en la funci\u00f3n logging de IBM solidDB 06.00.1018 y versiones anteriores permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de especificadores de formato de cadena en (1) el nombre de usuario, (2) pares de nombre y posiblemente otros campos nos especificados."}], "lastModified": "2024-11-21T00:45:08.553", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:soliddb:06.00.1018:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "979423E3-2025-4EB2-B1C5-5C6B6A39B745"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}