CVE-2008-2051
Vulnerability from cvelistv5
Published
2008-05-05 17:00
Modified
2024-08-07 08:49
Severity ?
Summary
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
References
secalert@redhat.comhttp://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
secalert@redhat.comhttp://secunia.com/advisories/30048
secalert@redhat.comhttp://secunia.com/advisories/30083
secalert@redhat.comhttp://secunia.com/advisories/30158
secalert@redhat.comhttp://secunia.com/advisories/30288
secalert@redhat.comhttp://secunia.com/advisories/30345
secalert@redhat.comhttp://secunia.com/advisories/30411
secalert@redhat.comhttp://secunia.com/advisories/30757
secalert@redhat.comhttp://secunia.com/advisories/30828
secalert@redhat.comhttp://secunia.com/advisories/30967
secalert@redhat.comhttp://secunia.com/advisories/31119
secalert@redhat.comhttp://secunia.com/advisories/31124
secalert@redhat.comhttp://secunia.com/advisories/31200
secalert@redhat.comhttp://secunia.com/advisories/31326
secalert@redhat.comhttp://secunia.com/advisories/32746
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200811-05.xml
secalert@redhat.comhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
secalert@redhat.comhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1572
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1578
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:125
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:126
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:127
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:128
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2008/05/02/2
secalert@redhat.comhttp://www.php.net/ChangeLog-5.php
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0505.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0544.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0545.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0546.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0582.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/492535/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/492671/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/29009
secalert@redhat.comhttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-628-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1412
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/2268
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2503
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30048
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30083
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30158
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30288
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30345
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30411
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30757
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30828
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30967
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31119
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31124
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31200
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31326
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32746
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200811-05.xml
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1572
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1578
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/05/02/2
af854a3a-2127-422b-91ae-364da2661108http://www.php.net/ChangeLog-5.php
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0505.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0544.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0545.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0546.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0582.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/492535/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/492671/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29009
af854a3a-2127-422b-91ae-364da2661108http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-628-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1412
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2268
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2503
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
Impacted products
Vendor Product Version
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T08:49:57.022Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "ADV-2008-1412",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2008/1412",
               },
               {
                  name: "20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/492535/100/0/threaded",
               },
               {
                  name: "30288",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30288",
               },
               {
                  name: "FEDORA-2008-3606",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html",
               },
               {
                  name: "32746",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32746",
               },
               {
                  name: "30083",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30083",
               },
               {
                  name: "APPLE-SA-2008-07-31",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html",
               },
               {
                  name: "GLSA-200811-05",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-200811-05.xml",
               },
               {
                  name: "RHSA-2008:0546",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2008-0546.html",
               },
               {
                  name: "FEDORA-2008-3864",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html",
               },
               {
                  name: "oval:org.mitre.oval:def:10256",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256",
               },
               {
                  name: "29009",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/29009",
               },
               {
                  name: "30828",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30828",
               },
               {
                  name: "MDVSA-2008:128",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:128",
               },
               {
                  name: "ADV-2008-2268",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2008/2268",
               },
               {
                  name: "DSA-1572",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2008/dsa-1572",
               },
               {
                  name: "RHSA-2008:0582",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2008-0582.html",
               },
               {
                  name: "30345",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30345",
               },
               {
                  name: "USN-628-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/usn-628-1",
               },
               {
                  name: "RHSA-2008:0545",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2008-0545.html",
               },
               {
                  name: "31124",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31124",
               },
               {
                  name: "30967",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30967",
               },
               {
                  name: "31119",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31119",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176",
               },
               {
                  name: "[oss-security] 20080502 CVE Request (PHP)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2008/05/02/2",
               },
               {
                  name: "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/492671/100/0/threaded",
               },
               {
                  name: "30411",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30411",
               },
               {
                  name: "30158",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30158",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.php.net/ChangeLog-5.php",
               },
               {
                  name: "31200",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31200",
               },
               {
                  name: "SSA:2008-128-01",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SLACKWARE",
                     "x_transferred",
                  ],
                  url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951",
               },
               {
                  name: "30757",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30757",
               },
               {
                  name: "RHSA-2008:0544",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2008-0544.html",
               },
               {
                  name: "DSA-1578",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2008/dsa-1578",
               },
               {
                  name: "SUSE-SR:2008:014",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178",
               },
               {
                  name: "MDVSA-2008:125",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125",
               },
               {
                  name: "31326",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/31326",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://issues.rpath.com/browse/RPL-2503",
               },
               {
                  name: "RHSA-2008:0505",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2008-0505.html",
               },
               {
                  name: "MDVSA-2008:126",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126",
               },
               {
                  name: "MDVSA-2008:127",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127",
               },
               {
                  name: "30048",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/30048",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2008-05-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to \"incomplete multibyte chars.\"",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-11T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "ADV-2008-1412",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2008/1412",
            },
            {
               name: "20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/492535/100/0/threaded",
            },
            {
               name: "30288",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30288",
            },
            {
               name: "FEDORA-2008-3606",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html",
            },
            {
               name: "32746",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32746",
            },
            {
               name: "30083",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30083",
            },
            {
               name: "APPLE-SA-2008-07-31",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html",
            },
            {
               name: "GLSA-200811-05",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-200811-05.xml",
            },
            {
               name: "RHSA-2008:0546",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2008-0546.html",
            },
            {
               name: "FEDORA-2008-3864",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html",
            },
            {
               name: "oval:org.mitre.oval:def:10256",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256",
            },
            {
               name: "29009",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/29009",
            },
            {
               name: "30828",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30828",
            },
            {
               name: "MDVSA-2008:128",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:128",
            },
            {
               name: "ADV-2008-2268",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2008/2268",
            },
            {
               name: "DSA-1572",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2008/dsa-1572",
            },
            {
               name: "RHSA-2008:0582",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2008-0582.html",
            },
            {
               name: "30345",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30345",
            },
            {
               name: "USN-628-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/usn-628-1",
            },
            {
               name: "RHSA-2008:0545",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2008-0545.html",
            },
            {
               name: "31124",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31124",
            },
            {
               name: "30967",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30967",
            },
            {
               name: "31119",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31119",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176",
            },
            {
               name: "[oss-security] 20080502 CVE Request (PHP)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2008/05/02/2",
            },
            {
               name: "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/492671/100/0/threaded",
            },
            {
               name: "30411",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30411",
            },
            {
               name: "30158",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30158",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.php.net/ChangeLog-5.php",
            },
            {
               name: "31200",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31200",
            },
            {
               name: "SSA:2008-128-01",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
               ],
               url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951",
            },
            {
               name: "30757",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30757",
            },
            {
               name: "RHSA-2008:0544",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2008-0544.html",
            },
            {
               name: "DSA-1578",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2008/dsa-1578",
            },
            {
               name: "SUSE-SR:2008:014",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178",
            },
            {
               name: "MDVSA-2008:125",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125",
            },
            {
               name: "31326",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/31326",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://issues.rpath.com/browse/RPL-2503",
            },
            {
               name: "RHSA-2008:0505",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2008-0505.html",
            },
            {
               name: "MDVSA-2008:126",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126",
            },
            {
               name: "MDVSA-2008:127",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127",
            },
            {
               name: "30048",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/30048",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2008-2051",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to \"incomplete multibyte chars.\"",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "ADV-2008-1412",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2008/1412",
                  },
                  {
                     name: "20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/492535/100/0/threaded",
                  },
                  {
                     name: "30288",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30288",
                  },
                  {
                     name: "FEDORA-2008-3606",
                     refsource: "FEDORA",
                     url: "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html",
                  },
                  {
                     name: "32746",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/32746",
                  },
                  {
                     name: "30083",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30083",
                  },
                  {
                     name: "APPLE-SA-2008-07-31",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html",
                  },
                  {
                     name: "GLSA-200811-05",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-200811-05.xml",
                  },
                  {
                     name: "RHSA-2008:0546",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2008-0546.html",
                  },
                  {
                     name: "FEDORA-2008-3864",
                     refsource: "FEDORA",
                     url: "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html",
                  },
                  {
                     name: "oval:org.mitre.oval:def:10256",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256",
                  },
                  {
                     name: "29009",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/29009",
                  },
                  {
                     name: "30828",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30828",
                  },
                  {
                     name: "MDVSA-2008:128",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:128",
                  },
                  {
                     name: "ADV-2008-2268",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2008/2268",
                  },
                  {
                     name: "DSA-1572",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2008/dsa-1572",
                  },
                  {
                     name: "RHSA-2008:0582",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2008-0582.html",
                  },
                  {
                     name: "30345",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30345",
                  },
                  {
                     name: "USN-628-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/usn-628-1",
                  },
                  {
                     name: "RHSA-2008:0545",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2008-0545.html",
                  },
                  {
                     name: "31124",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31124",
                  },
                  {
                     name: "30967",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30967",
                  },
                  {
                     name: "31119",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31119",
                  },
                  {
                     name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176",
                     refsource: "CONFIRM",
                     url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176",
                  },
                  {
                     name: "[oss-security] 20080502 CVE Request (PHP)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2008/05/02/2",
                  },
                  {
                     name: "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/492671/100/0/threaded",
                  },
                  {
                     name: "30411",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30411",
                  },
                  {
                     name: "30158",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30158",
                  },
                  {
                     name: "http://www.php.net/ChangeLog-5.php",
                     refsource: "CONFIRM",
                     url: "http://www.php.net/ChangeLog-5.php",
                  },
                  {
                     name: "31200",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31200",
                  },
                  {
                     name: "SSA:2008-128-01",
                     refsource: "SLACKWARE",
                     url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951",
                  },
                  {
                     name: "30757",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30757",
                  },
                  {
                     name: "RHSA-2008:0544",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2008-0544.html",
                  },
                  {
                     name: "DSA-1578",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2008/dsa-1578",
                  },
                  {
                     name: "SUSE-SR:2008:014",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html",
                  },
                  {
                     name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178",
                     refsource: "CONFIRM",
                     url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178",
                  },
                  {
                     name: "MDVSA-2008:125",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125",
                  },
                  {
                     name: "31326",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/31326",
                  },
                  {
                     name: "https://issues.rpath.com/browse/RPL-2503",
                     refsource: "CONFIRM",
                     url: "https://issues.rpath.com/browse/RPL-2503",
                  },
                  {
                     name: "RHSA-2008:0505",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2008-0505.html",
                  },
                  {
                     name: "MDVSA-2008:126",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126",
                  },
                  {
                     name: "MDVSA-2008:127",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127",
                  },
                  {
                     name: "30048",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/30048",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2008-2051",
      datePublished: "2008-05-05T17:00:00",
      dateReserved: "2008-05-02T00:00:00",
      dateUpdated: "2024-08-07T08:49:57.022Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2008-2051\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2008-05-05T17:20:00.000\",\"lastModified\":\"2024-11-21T00:45:58.517\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to \\\"incomplete multibyte chars.\\\"\"},{\"lang\":\"es\",\"value\":\"La función escapeshellcmd API en PHP anterior a 5.2.6 tiene impacto desconocido y vectores de ataque dependientes del contexto relacionados con \\\"caracteres multibyte incompletos\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.2.5\",\"matchCriteriaId\":\"18255FF5-3F40-483F-85DC-21D9B6B4FE07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E727CECE-E452-489A-A42F-5A069D6AF80E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"149A1FB8-593E-412B-8E1C-3E560301D500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC144FA-8F84-44C0-B263-B639FEAD20FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"295907B4-C3DE-4021-BE3B-A8826D4379E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B881352D-954E-4FC0-9E42-93D02A3F3089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17437AED-816A-4CCF-96DE-8C3D0CC8DB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74E7AE59-1CB0-4300-BBE0-109F909789EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9222821E-370F-4616-B787-CC22C2F4E7CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9809449F-9A76-4318-B233-B4C2950A6EA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA962D4-A4EC-4DC3-B8A9-D10941B92781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8CDFEF9-C367-4800-8A2F-375C261FAE55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16E43B88-1563-4EFD-9267-AE3E8C35D67A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E5715F-A8BC-49EF-836B-BB78E1BC0790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA68843-158E-463E-B68A-1ACF041C4E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1874F637-77E2-4C4A-BF92-AEE96A60BFB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9592B32E-55CD-42D0-901E-8319823BC820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9BF34B5-F74C-4D56-9841-42452D60CB87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD02D837-FD28-4E0F-93F8-25E8D1C84A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88358D1E-BE6F-4CE3-A522-83D1FA4739E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86767200-6C9C-4C3E-B111-0E5BE61E197B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B00B416D-FF23-4C76-8751-26D305F0FA0F\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30048\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30083\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30158\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30288\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30345\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30411\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30757\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30828\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/30967\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31119\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31124\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31200\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31326\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/32746\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200811-05.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1572\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1578\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:125\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:126\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:127\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:128\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/05/02/2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.php.net/ChangeLog-5.php\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0505.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0544.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0545.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0546.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0582.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/492535/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/492671/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/29009\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/usn-628-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1412\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2268\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2503\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30048\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30158\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30288\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30345\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30411\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30757\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30828\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30967\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31326\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32746\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200811-05.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1572\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:127\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/05/02/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.php.net/ChangeLog-5.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0505.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0544.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0582.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/492535/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/492671/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/29009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-628-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.