Published: 18/05/2008 Updated: 08/08/2017

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 465

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow malicious users to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gforge gforge 4.5.14

Stephen Gran and Mark Hymers discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner This may be exploited to overwrite arbitrary files on the local system For the stable distribution (etch), this problem has been fixed in version 4514-22etch8 For the unstable dist ...

# Name : phpQLAdmin 227 Multiple Remote File Include # Download From : phpqladmincom/phpQLAdmin-227zip # Found By : RoMaNcYxHaCkEr [RoMaNTiC-TeaM] # Home Page : WwW4RxHCoM +============================================================================+ # Vulne Code In Files ezmlmphp & update_translationsphp # Ex ...

CWE-59 http://security.debian.org/pool/updates/main/g/gforge/gforge_4.5.14-22etch8.diff.gz http://www.debian.org/security/2008/dsa-1577 http://www.securityfocus.com/bid/29215 http://secunia.com/advisories/30088 http://secunia.com/advisories/30286 http://www.vupen.com/english/advisories/2008/1537/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42456 https://nvd.nist.gov https://www.debian.org/security/./dsa-1577 https://www.exploit-db.com/exploits/5173/

CVE-2008-0167

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect