Vulnerability Description
Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Versant | Versant Object Database | <= 7.0.1.3 |
References
- http://aluigi.altervista.org/adv/versantcmd-adv.txtExploit
- http://marc.info/?l=bugtraq&m=120468784112145&w=2
- http://secunia.com/advisories/29230Vendor Advisory
- http://securityreason.com/securityalert/3738Exploit
- http://www.securityfocus.com/archive/1/489139/100/0/threaded
- http://www.securityfocus.com/bid/28097Exploit
- http://www.vupen.com/english/advisories/2008/0764/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40997
- https://www.exploit-db.com/exploits/5213
- http://aluigi.altervista.org/adv/versantcmd-adv.txtExploit
- http://marc.info/?l=bugtraq&m=120468784112145&w=2
- http://secunia.com/advisories/29230Vendor Advisory
- http://securityreason.com/securityalert/3738Exploit
- http://www.securityfocus.com/archive/1/489139/100/0/threaded
- http://www.securityfocus.com/bid/28097Exploit
FAQ
What is CVE-2008-1319?
CVE-2008-1319 is a vulnerability with a CVSS score of 9.3 (HIGH). Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remo...
How severe is CVE-2008-1319?
CVE-2008-1319 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1319?
Check the references section above for vendor advisories and patch information. Affected products include: Versant Versant Object Database.