Vulnerability Details CVE-2008-6935
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an im:// URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.283
EPSS Ranking 96.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/49888
- http://retrogod.altervista.org/exodus_uri.html
- http://secunia.com/advisories/32729
- http://www.securityfocus.com/archive/1/498389/100/0/threaded
- http://www.securityfocus.com/bid/32330
- http://www.vupen.com/english/advisories/2008/3191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46663
- https://www.exploit-db.com/exploits/7145
- https://www.exploit-db.com/exploits/7167
- http://osvdb.org/49888
- http://retrogod.altervista.org/exodus_uri.html
- http://secunia.com/advisories/32729
- http://www.securityfocus.com/archive/1/498389/100/0/threaded
- http://www.securityfocus.com/bid/32330
- http://www.vupen.com/english/advisories/2008/3191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46663
- https://www.exploit-db.com/exploits/7145
- https://www.exploit-db.com/exploits/7167
Products affected by CVE-2008-6935
-
cpe:2.3:a:joe_fuhrman:exodus:0.10