Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5694

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5694
Last Modified 06 Jan 2009 01:02:46
Published 19 Dec 2008 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5694

Summary

PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.

Vulnerable Systems

Application

  • Sandbox 1.4.1


References

XF - sandbox-errhandler-file-include(47688)

BUGTRAQ - 20080210 hi

MISC - http://www.by-f10.com/bug.txt


Last Updated: 27 May 2016 10:48:53