CVE-2009-0918

Опубликовано: 16 мар. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.

Ссылки

http://ptk.dflabs.com/faq.html
Patch
Vendor Advisory
http://ptk.dflabs.com/security.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/845747
US Government Resource
http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ
US Government Resource
http://www.securityfocus.com/bid/34111
https://exchange.xforce.ibmcloud.com/vulnerabilities/49235
http://ptk.dflabs.com/faq.html
Patch
Vendor Advisory
http://ptk.dflabs.com/security.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/845747
US Government Resource
http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ
US Government Resource
http://www.securityfocus.com/bid/34111
https://exchange.xforce.ibmcloud.com/vulnerabilities/49235

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dflabs:ptk:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:dflabs:ptk:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:dflabs:ptk:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:dflabs:ptk:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:dflabs:ptk:1.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01952

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-22q3-mmfp-g262

github

почти 4 года назад