CVE-2008-0755

Published Feb 13, 2008

Last updated 6 years ago

CVSS info 7.5

Overview

Description: Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-134

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cyan_soft:cyanprintip_basic:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "991EE979-F40C-4F1B-BAB0-0A2DB7557ECD",
            "versionEndIncluding": "4.10.1030"
          },
          {
            "criteria": "cpe:2.3:a:cyan_soft:cyanprintip_easy_opi:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDDC746D-4271-4D38-9A5D-113D47FF9FBB",
            "versionEndIncluding": "4.10.1030"
          },
          {
            "criteria": "cpe:2.3:a:cyan_soft:cyanprintip_professional:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4D2BBA5-170F-494A-AC52-376FE1243A0E",
            "versionEndIncluding": "4.10.1030"
          },
          {
            "criteria": "cpe:2.3:a:cyan_soft:cyanprintip_standard:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68343171-B4B8-43A0-AC81-D162AFE97CF8",
            "versionEndIncluding": "4.10.940"
          },
          {
            "criteria": "cpe:2.3:a:cyan_soft:cyanprintip_workstation:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "763840D0-D5C4-4BA4-8AD8-2602587DBA2A",
            "versionEndIncluding": "4.10.836"
          },
          {
            "criteria": "cpe:2.3:a:cyan_soft:opium4_opi_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C8FC423-B5E0-4BC0-BE0C-6BE148819766",
            "versionEndIncluding": "4.10.1028"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References