7.5

CVE-2008-1688

Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option.  NOTE: it is not clear when this issue crosses privilege boundaries.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuM4 Version1.4.1
GnuM4 Version1.4.2
GnuM4 Version1.4.3
GnuM4 Version1.4.4
GnuM4 Version1.4.5
GnuM4 Version1.4.6
GnuM4 Version1.4.7
GnuM4 Version1.4.8
GnuM4 Version1.4.9
GnuM4 Version1.4.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.96% 0.854
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29671
Vendor Advisory
http://secunia.com/advisories/29729
Patch
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
http://www.openwall.com/lists/oss-security/2008/04/07/1
http://www.openwall.com/lists/oss-security/2008/04/07/3
http://www.securityfocus.com/bid/28688
http://www.vupen.com/english/advisories/2008/1151/references
http://osvdb.org/44272
https://exchange.xforce.ibmcloud.com/vulnerabilities/41704