CVE-2008-6119
Published 2009-02-11
Priority: P3 · 40 · high · CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.21% (80.4th percentile)
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| goople_cms | goople_cms | — | — |
No detection rules found.
Bugzilla
CVE-2007-6439 [MEDIUM] wireshark IPv6 and USB dissector crash
bugzilla·2008-01-02·CVSS 5.0
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6439 to the following vulnerability:
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
References:
http://www.wireshark.org/security/wnpa-sec-2007-03.html
Discussion:
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0058.html
Bugzilla
CVE-2007-6119 [HIGH] wireshark DCP ETSI dissector flaws
bugzilla·2007-11-23·CVSS 7.8
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6119 to the following vulnerability:
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows
remote attackers to cause a denial of service (long loop and resource
consumption) via unknown vectors.
Discussion:
wireshark-0.99.7-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
---
wireshark-0.99.7-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0058.html
Fedora:
https://admin.fedoraproject.org/updates/F