Published: 13/03/2008 Updated: 11/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and previous versions, as used in Borland CaliberRM and probably other products, allows remote malicious users to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.

Vulnerable Product	Search on Vulmon	Subscribe to Product
versant versant object database
versant versant object database 7.0.1

Versant server <= 7013 Arbitrary Commands Execution Exploit Exploit-DB Mirror: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/5213zip (2008-versantcmdzip) # milw0rmcom [2008-03-04] ...

NVD-CWE-Other http://marc.info/?l=bugtraq&m=120468784112145&w=2 http://aluigi.altervista.org/adv/versantcmd-adv.txt http://www.securityfocus.com/bid/28097 http://secunia.com/advisories/29230 http://securityreason.com/securityalert/3738 http://www.vupen.com/english/advisories/2008/0764/references https://exchange.xforce.ibmcloud.com/vulnerabilities/40997 https://www.exploit-db.com/exploits/5213 http://www.securityfocus.com/archive/1/489139/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/5213/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1319

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect