Vulnerability Details CVE-2008-2230
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.1%
CVSS Severity
CVSS v2 Score 4.6
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484311
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43001
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484311
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43001
Products affected by CVE-2008-2230
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.10
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.11
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.13
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.14
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.15
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.17
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.19
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.19.2
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.20
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.24
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.27
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.28
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.03.29
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.07
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.07.2
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.13
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.16
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.20
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.23
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.04.27
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.05.02
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.05.27
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.05.28
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.05.31
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.06.13
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.06.27
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.07.08
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.07.12
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.07.18
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.07.19
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.08.02
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.08.03
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.08.03.2
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.08.12
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.08.20
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2007.10.30
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2008.01.20
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2008.03.26
-
cpe:2.3:a:reportbug-ng:reportbug-ng:0.2008.03.28
-
cpe:2.3:a:reportbug-ng:reportbug:3.31
-
cpe:2.3:a:reportbug-ng:reportbug:3.8