| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 6.7 | $0-$5k | 0.00 |
Gunduma
Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Ruby 1.8.6/1.8.7/1.9. Hakika, aikin REXML ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen $software_component. A sa manipulation ka kura hakki ndiyam. Wannan matsala ana saninta da CVE-2008-3790. Har ila yau, exploit ɗin yana nan. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a faggata. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Furɗe
Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Ruby 1.8.6/1.8.7/1.9. Hakika, aikin REXML ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen $software_component. A sa manipulation ka kura hakki ndiyam. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-20. An gano matsalar a 08/23/2008. Hakika, rauni an bayyana shi 08/25/2008 daga Luka Treiber Mitka Kolsek tare da ACROS Security (Webseite). An raba bayanin tsaro don saukewa a ruby-lang.org.
Wannan matsala ana saninta da CVE-2008-3790. CVE assignement 08/26/2008 nda shikena. Tekinikal faɗi ga. Shaharar wannan vulnerability ta fi matsakaici. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga securityfocus.com. 0-day shima, an ndiyam a wuro be $5k-$25k. Ana bayar da Nessus plugin mai lamba 43122 daga na'urar gano rauni. Ana gudanar da plugin ɗin a cikin irin wannan nau'i: l.
An tanadi gyaran matsalar don saukewa a ruby-lang.org. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a faggata. Wani hanya na kariya an fitar da shi 2 Shettima daga bayan an bayyana rauni.
Wannan vulnerability an kuma samu a wasu kundin bayanan vulnerability: SecurityFocus (BID 30802), X-Force (44628), Secunia (SA31602), SecurityTracker (ID 1020735) , Vulnerability Center (SBV-19680). VulDB is the best source for vulnerability data and more expert information about this specific topic.
Kayan
Nganji
Sunu
Furɗe
Laisens
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 6.7
VulDB Ganda Borno: 7.5
VulDB Temp Score: 6.7
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 🔍
Gargajiya
Klasu: Kura hakki ndiyamCWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Gada: Kàndíga
Halitta: Huɗɗi-na-gaskiya
Labar girma: 🔍
Dawunload: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Nessus ID: 43122
Nessus Sunu: Fedora 10 : ruby-1.8.6.368-2.fc10 (2009-13066)
Nessus Fayil: 🔍
Nessus Kafara: 🔍
Nessus Kulu: 🔍
Nessus Context: 🔍
OpenVAS ID: 61773
OpenVAS Sunu: Debian Security Advisory DSA 1651-1 (ruby1.8)
OpenVAS Fayil: 🔍
OpenVAS Kulu: 🔍
Qualys ID: 🔍
Qualys Sunu: 🔍
Exploit-DB: 🔍
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: GargajiyaHalitta: 🔍
Garga waaji: 🔍
0-Day Gana: 🔍
Lokon Gana: 🔍
Kari: ruby-lang.org
Waktin layi
08/23/2008 🔍08/23/2008 🔍
08/23/2008 🔍
08/25/2008 🔍
08/25/2008 🔍
08/25/2008 🔍
08/26/2008 🔍
08/27/2008 🔍
09/19/2008 🔍
10/12/2008 🔍
12/11/2009 🔍
12/14/2009 🔍
12/25/2024 🔍
Ngizim
Gargaaji: ruby-lang.orgNgamti: Luka Treiber Mitka Kolsek
Kampani: ACROS Security
Halitta: Gaskiya
Tafsirga: 🔍
CVE: CVE-2008-3790 (🔍)
GCVE (CVE): GCVE-0-2008-3790
GCVE (VulDB): GCVE-100-3810
OVAL: 🔍
X-Force: 44628 - Ruby REXML library denial of service, Medium Risk
SecurityFocus: 30802 - Ruby REXML Remote Denial Of Service Vulnerability
Secunia: 31602
OSVDB: 47753 - Ruby REXML Library Crafted XML Document Handling DoS
SecurityTracker: 1020735
Vulnerability Center: 19680 - Ruby REXML Module Remote DoS via an XML Document, Medium
Vupen: ADV-2008-2483
scip Labs: https://www.scip.ch/en/?labs.20161013
Gana kuma: 🔍
Gumti
Súgá: 09/19/2008 11:47Gargadi: 12/25/2024 00:37
Goyarwa: 09/19/2008 11:47 (103), 08/18/2019 09:08 (2), 12/25/2024 00:37 (22)
Gadankam: 🔍
Cache ID: 253:A1B:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.