CVE-2008-2064

Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/29989	Vendor Advisory
http://secunia.com/advisories/30256	Vendor Advisory
http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222	Patch
http://www.debian.org/security/2008/dsa-1580	Patch
http://www.phpgedview.net/	Patch Vendor Advisory
http://www.securityfocus.com/bid/28978
https://exchange.xforce.ibmcloud.com/vulnerabilities/42085

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:phpgedview:phpgedview::::::::
	cpe:2.3:a:phpgedview:phpgedview:0.6:::::::*
	cpe:2.3:a:phpgedview:phpgedview:0.8:::::::*
	cpe:2.3:a:phpgedview:phpgedview:0.95:::::::*
	cpe:2.3:a:phpgedview:phpgedview:1.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:1.1:::::::*
	cpe:2.3:a:phpgedview:phpgedview:1.04:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.12:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.13:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.50:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.60:::::::*
	cpe:2.3:a:phpgedview:phpgedview:2.65:::::::*
	cpe:2.3:a:phpgedview:phpgedview:3.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:3.2:::::::*
	cpe:2.3:a:phpgedview:phpgedview:3.3.8:::::::*
	cpe:2.3:a:phpgedview:phpgedview:4.0:::::::*
	cpe:2.3:a:phpgedview:phpgedview:4.1.1:::::::*
	cpe:2.3:a:phpgedview:phpgedview:4.1.3:::::::*

History

No history.

Information

Published : 2008-05-02 23:20

Updated : 2023-12-10 10:51

NVD link : CVE-2008-2064

Mitre link : CVE-2008-2064

CVE.ORG link : CVE-2008-2064

JSON object : View

Products Affected

phpgedview

phpgedview

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-2064", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-05-02T23:20:00.000", "references": [{"url": "http://secunia.com/advisories/29989", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30256", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2008/dsa-1580", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.phpgedview.net/", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/28978", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42085", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to \"a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems.\""}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en PhpGedView versiones anteriores a 4.1.5, presenta un impacto desconocido y vectores de ataque relacionados con \"a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems.\""}], "lastModified": "2017-08-08T01:30:43.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpgedview:phpgedview:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B72A5889-BB71-4B29-85F0-54301AC39A97", "versionEndIncluding": "4.1.4"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2023444-2ED3-493B-BAD4-E1CB35E5AEE1"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08CC63D1-93D0-4824-9462-F881D775E3CA"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:0.95:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3E12DB8-EAD0-4F5C-B785-D4C3C24345D9"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F39A506-086F-4A95-AA7B-44B2CA45D9A6"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F92B851-F2A2-4BDE-A5D5-FCFEB7737992"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:1.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3E4F77A-FC26-41AB-B5CA-13D433BB5B8D"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "395FAED4-94DE-4C7D-AF1B-BE0586189587"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F58F44C-F317-4AEF-9394-A18DEE8E52A4"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52600D9B-44DC-4C5E-9105-F514FD6EF19E"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:2.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C00EF07-DA5D-4F60-879A-83C3FC376049"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:2.60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDA13EED-7C5F-4F5E-AEC2-D5DA0206B238"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:2.65:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12A0E38B-C9E3-4619-B1A1-94C11546D6DB"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA5AC706-5C75-422A-9C70-09EA3827002B"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "328757A4-D90E-46A2-9B4A-AF0F4D5BDFEC"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:3.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F1A017B-DC5C-41F6-A489-D37C9223124C"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3442CF0-EBFC-40DD-930C-1EAC1CAF06C0"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30317A7C-91E3-4D25-9A5D-A8F49674C67D"}, {"criteria": "cpe:2.3:a:phpgedview:phpgedview:4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCE3A384-54FC-4672-B395-A73696B64FCB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}