CVE-2008-4920 - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate was based

CVE-2008-4920

Summary

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate was based on an incorrect claim regarding a directory issue in Agavi. The vendor has disputed the issue and the original researcher has retracted the original claim, so this is not a vulnerability. Further investigation by the vendor and original researcher show that the original issue was in a site-specific modification, which is outside the scope of CVE. Notes: CVE users should not use this identifier.

References

Vulnerable Configurations

CVSS

Base:	5.0
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

refmap via4

bid	32086
exploit-db	6970
misc	http://blog.agavi.org/post/58189391/false-agavi-vulnerability-reports
osvdb	49566
sreason	4557
vim	20081106 Vendor dispute / researcher retraction: Agavi (CVE-2008-4920)
xf	agavi-index-directory-traversal(46318)

Last major update

07-11-2008 - 07:10

Published

04-11-2008 - 21:00

Last modified

07-11-2008 - 07:10