10

CVE-2008-2051

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version <= 5.2.5
PhpPhp Version5.0.0 Updatebeta1
PhpPhp Version5.0.0 Updatebeta2
PhpPhp Version5.0.0 Updatebeta3
PhpPhp Version5.0.0 Updatebeta4
PhpPhp Version5.0.0 Updaterc1
PhpPhp Version5.0.0 Updaterc2
PhpPhp Version5.0.0 Updaterc3
PhpPhp Version5.0.1
PhpPhp Version5.0.2
PhpPhp Version5.0.3
PhpPhp Version5.0.4
PhpPhp Version5.0.5
PhpPhp Version5.1.0
PhpPhp Version5.1.1
PhpPhp Version5.1.2
PhpPhp Version5.1.3
PhpPhp Version5.1.4
PhpPhp Version5.1.5
PhpPhp Version5.1.6
PhpPhp Version5.2.0
PhpPhp Version5.2.1
PhpPhp Version5.2.2
PhpPhp Version5.2.3
PhpPhp Version5.2.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.1% 0.861
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://secunia.com/advisories/30967
http://secunia.com/advisories/30411
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178
http://www.securityfocus.com/archive/1/492671/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
http://www.php.net/ChangeLog-5.php
http://secunia.com/advisories/30288
http://www.debian.org/security/2008/dsa-1578
http://secunia.com/advisories/30158
http://www.debian.org/security/2008/dsa-1572
http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
http://secunia.com/advisories/30828
http://secunia.com/advisories/31119
http://secunia.com/advisories/31200
http://www.redhat.com/support/errata/RHSA-2008-0505.html
http://www.redhat.com/support/errata/RHSA-2008-0544.html
http://www.redhat.com/support/errata/RHSA-2008-0545.html
http://www.redhat.com/support/errata/RHSA-2008-0582.html
http://www.ubuntu.com/usn/usn-628-1
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://secunia.com/advisories/31326
http://www.vupen.com/english/advisories/2008/2268
http://secunia.com/advisories/31124
http://www.redhat.com/support/errata/RHSA-2008-0546.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
http://secunia.com/advisories/30048
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://www.securityfocus.com/bid/29009
http://www.vupen.com/english/advisories/2008/1412
http://secunia.com/advisories/30345
http://secunia.com/advisories/32746
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://www.securityfocus.com/archive/1/492535/100/0/threaded
https://issues.rpath.com/browse/RPL-2503
http://secunia.com/advisories/30083
http://secunia.com/advisories/30757
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256