CVE-2008-1717

{"id": "CVE-2008-1717", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-04-09T21:05:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0161.html", "source": "cve@mitre.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061271.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/29719", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/490560/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/490782/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/28678", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41713", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0161.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061271.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/29719", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/490560/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/490782/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/28678", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41713", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found."}, {"lang": "es", "value": "WoltLab Community Framework (WCF) 1.0.6 de WoltLab Burning Board 3.0.5 permite a atacantes remotos obtener la ruta completa a trav\u00e9s de los par\u00e1metros no v\u00e1lidos (1) page y (2) form, lo cual filtra la ruta de un manejador de excepciones cuando una clase v\u00e1lida no se puede encontrar."}], "lastModified": "2024-11-21T00:45:10.187", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:woltlab:burning_board:3.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7D2C3ED-2974-4585-8513-043327535178"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}