CVE-2009-2944

Опубликовано: 31 авг. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.

Ссылки

http://ikiwiki.info/security/#index35h2
Vendor Advisory
http://osvdb.org/57575
http://secunia.com/advisories/36516
Vendor Advisory
http://secunia.com/advisories/36539
http://www.debian.org/security/2009/dsa-1875
http://www.securityfocus.com/bid/36181
Patch
http://www.vupen.com/english/advisories/2009/2475
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/52922
http://ikiwiki.info/security/#index35h2
Vendor Advisory
http://osvdb.org/57575
http://secunia.com/advisories/36516
Vendor Advisory
http://secunia.com/advisories/36539
http://www.debian.org/security/2009/dsa-1875
http://www.securityfocus.com/bid/36181
Patch
http://www.vupen.com/english/advisories/2009/2475
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/52922

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ikiwiki:ikiwiki:*:*:*:*:*:*:*:*

Версия до 3.141592 (включая)

cpe:2.3:a:ikiwiki:ikiwiki:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.00:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.1:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.2:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.3:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.4:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.5:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.6:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.7:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.8:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.9:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.10:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.11:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.12:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.13:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.14:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.15:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.16:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.17:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.18:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.19:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.20:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.30:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.31:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.31.1:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.31.2:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.31.3:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.40:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.41:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.42:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.43:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.44:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.45:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.46:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.47:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.48:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.49:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.50:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.51:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.52:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.53:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.54:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.55:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.56:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.60:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.61:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.62:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.62.1:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.63:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.64:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.65:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.66:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.67:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.68:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.69:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.70:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.71:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:2.72:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.00:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.01:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.02:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.03:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.04:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.06:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.07:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.08:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.09:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.10:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.11:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.12:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.13:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.14:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.141:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.1415:*:*:*:*:*:*:*

cpe:2.3:a:ikiwiki:ikiwiki:3.14159:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00531

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2009-2944

ubuntu

больше 16 лет назад

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.

CVE-2009-2944

redhat

больше 16 лет назад

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.

CVE-2009-2944

debian

больше 16 лет назад

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki bef ...

GHSA-x7g4-2h3g-m2w7

github

больше 3 лет назад

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.

EPSS

Процентиль: 67%

0.00531

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other