CVE-2008-4047

Published Sep 11, 2008

Last updated 8 years ago

CVSS info 7.5

Overview

Description: Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote attackers to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:novell:novell_forum:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1006A7C-A459-4BB2-BBE3-AF7228A38760"
          },
          {
            "criteria": "cpe:2.3:a:novell:novell_forum:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85D1BA9B-8CC0-4722-B007-78491337EF34"
          },
          {
            "criteria": "cpe:2.3:a:novell:novell_forum:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71910610-55C5-4F47-89B2-166EA3049A1D"
          },
          {
            "criteria": "cpe:2.3:a:novell:novell_forum:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41817CD1-E526-4167-9698-65C861FA9237"
          },
          {
            "criteria": "cpe:2.3:a:novell:novell_forum:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EFB1289-E570-46FE-B4B4-E684516F6B6F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References