CVE-2008-4811

Опубликовано: 31 окт. 2008

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

Описание

The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.

Релиз	Статус	Примечание
dapper	ignored	end of life
devel	not-affected	uses system smarty
hardy	ignored	end of life
intrepid	not-affected	uses system smarty
jaunty	not-affected	uses system smarty
karmic	not-affected	uses system smarty
lucid	not-affected	uses system smarty
maverick	not-affected	uses system smarty
natty	not-affected	uses system smarty
oneiric	not-affected	uses system smarty

Показывать по

Релиз	Статус	Примечание
dapper	ignored	end of life
devel	not-affected	uses system smarty
hardy	released	1.8.2-1ubuntu4.2
intrepid	released	1.8.2-1.2ubuntu2.1
jaunty	not-affected	uses system smarty
karmic	not-affected	uses system smarty
lucid	not-affected	uses system smarty
maverick	not-affected	uses system smarty
natty	not-affected	uses system smarty
oneiric	not-affected	uses system smarty

Показывать по

Релиз	Статус	Примечание
dapper	ignored	end of life
devel	not-affected
gutsy	ignored	end of life, was needed
hardy	ignored	end of life
intrepid	ignored	end of life, was needed
jaunty	not-affected
karmic	not-affected
lucid	not-affected
maverick	not-affected
natty	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%

0.01003

Низкий

7.5 High

CVSS2

Связанные уязвимости

CVE-2008-4811

nvd

больше 17 лет назад

CVE-2008-4811

debian

больше 17 лет назад

The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...

GHSA-w343-xc9v-r5ww

github

больше 3 лет назад

EPSS

Процентиль: 77%

0.01003

Низкий

7.5 High

CVSS2

CVE-2008-4811

Описание

Пакет gallery2

Пакет moodle

Пакет smarty

Ссылки на источники

Связанные уязвимости