CVE-2008-0755
Published Feb 13, 2008
Last updated 6 years ago
Overview
- Description
- Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-134
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cyan_soft:cyanprintip_basic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "991EE979-F40C-4F1B-BAB0-0A2DB7557ECD",
"versionEndIncluding": "4.10.1030"
},
{
"criteria": "cpe:2.3:a:cyan_soft:cyanprintip_easy_opi:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDDC746D-4271-4D38-9A5D-113D47FF9FBB",
"versionEndIncluding": "4.10.1030"
},
{
"criteria": "cpe:2.3:a:cyan_soft:cyanprintip_professional:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4D2BBA5-170F-494A-AC52-376FE1243A0E",
"versionEndIncluding": "4.10.1030"
},
{
"criteria": "cpe:2.3:a:cyan_soft:cyanprintip_standard:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68343171-B4B8-43A0-AC81-D162AFE97CF8",
"versionEndIncluding": "4.10.940"
},
{
"criteria": "cpe:2.3:a:cyan_soft:cyanprintip_workstation:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "763840D0-D5C4-4BA4-8AD8-2602587DBA2A",
"versionEndIncluding": "4.10.836"
},
{
"criteria": "cpe:2.3:a:cyan_soft:opium4_opi_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C8FC423-B5E0-4BC0-BE0C-6BE148819766",
"versionEndIncluding": "4.10.1028"
}
],
"operator": "OR"
}
]
}
]