CVE-2008-2540 Detail
Modified
This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Current Description
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.
Source:
MITRE
Description Last Modified:
06/03/2008
View Analysis Description
Analysis Description
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.
Source:
MITRE
Description Last Modified:
06/03/2008
Impact
CVSS v2.0 Severity and Metrics:
Base Score:
9.3 HIGH
Vector:
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
(V2 legend)
Impact Subscore:
10.0
Exploitability Subscore:
8.6
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (AU):
None
Confidentiality (C):
Complete
Integrity (I):
Complete
Availability (A):
Complete
Additional Information:
Victim must voluntarily interact with attack mechanism
Provides administrator access
Allows unauthorized disclosure of information
Allows disruption of service
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose.
NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further,
NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about
this page to nvd@nist.gov.
Technical Details
Vulnerability Type
(View All)
- Permissions, Privileges, and Access Control (CWE-264)
Change History
11 change records found
- show changes
CVE Modified by MITRE -
10/12/2018 5:47:34 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014 [No Types Assigned] |
| Added |
Reference |
|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-015 [No Types Assigned] |
| Removed |
Reference |
http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx [Mitigation, Patch, Vendor Advisory] |
|
| Removed |
Reference |
http://www.microsoft.com/technet/security/bulletin/ms09-015.mspx [Mitigation, Patch, Vendor Advisory] |
|
Reanalysis -
5/9/2018 5:45:28 PM
| Action |
Type |
Old Value |
New Value |
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (excluding) 3.1.2
OR
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:* |
| Removed |
CPE Configuration |
Record truncated, showing 500 of 1575 characters.
View Entire Change Record
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:pro:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:home:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:pro:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:home:*:*
|
|
Modified Analysis -
11/22/2017 9:10:15 AM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
Record truncated, showing 500 of 1575 characters.
View Entire Change Record
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:pro:x64:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:home:*:*:*:*:*
|
Record truncated, showing 500 of 1575 characters.
View Entire Change Record
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:pro:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:home:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:pro:*:x64:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:home:*:*
|
| Changed |
Reference Type |
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html Third Party Advisory |
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html Mailing List, Vendor Advisory |
| Changed |
Reference Type |
http://secunia.com/advisories/30467 Permissions Required, Vendor Advisory |
http://secunia.com/advisories/30467 Third Party Advisory |
| Changed |
Reference Type |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42765 No Types Assigned |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42765 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5782 No Types Assigned |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5782 Third Party Advisory |
| Changed |
Reference Type |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6108 No Types Assigned |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6108 Third Party Advisory |
| Changed |
Reference Type |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8509 No Types Assigned |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8509 Third Party Advisory |
CVE Modified by MITRE -
9/28/2017 9:31:12 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5782 [No Types Assigned] |
| Added |
Reference |
|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6108 [No Types Assigned] |
| Added |
Reference |
|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8509 [No Types Assigned] |
| Removed |
Reference |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 [Broken Link] |
|
| Removed |
Reference |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 [Broken Link] |
|
| Removed |
Reference |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 [Broken Link] |
|
CVE Modified by MITRE -
8/7/2017 9:31:08 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
|
https://exchange.xforce.ibmcloud.com/vulnerabilities/42765 [No Types Assigned] |
| Removed |
Reference |
http://xforce.iss.net/xforce/xfdb/42765 [Third Party Advisory, VDB Entry] |
|
CVE Translated -
11/9/2016 11:45:01 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Translation |
|
Record truncated, showing 500 of 929 characters.
View Entire Change Record
Apple Safari en Mac OS X y en versiones anteriores a 3.1.2 en Windows, no apunta al usuario después de descargar un objeto que tiene un tipo de contenido no reconocido, lo que permite a atacantes remotos incluir malware dentro de (1) el directorio Desktop en Windows o (2) el directorio Downloads en Mac OS X, y posteriormente permite a atacantes remotos ejecutar código arbitrario en Windows aprovechando una vulnerabilidad de ruta de búsqueda no confiable en (a) Internet Explorer 7 en Windows XP o |
| Removed |
Translation |
Record truncated, showing 500 of 576 characters.
View Entire Change Record
Apple Safari no pide confirmación al usuario antes de descargar un objeto que tiene un tipo de contenido no reconocido, lo cual permite a atacantes remotos guardar código malicioso dentro de (1) Desktop directory en Windows o (2) Downloads directory en Mac OS X, también conocido como un "Fichero Bomba," una cuestión diferente a CVE-2008-1032.
NOTA: Apple informa que ha declarado que "nosotros no tratamos esto como un problema de seguridad".
NOTA: Microsoft describe la cuestión en la plataforma |
|
Modified Analysis -
11/8/2016 1:06:52 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
Record truncated, showing 500 of 4344 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c |
Record truncated, showing 500 of 1731 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:pro:x64:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
|
| Changed |
Reference Type |
http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx No Types Assigned |
http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx Third Party Advisory |
| Changed |
Reference Type |
http://blogs.zdnet.com/security/?p=1230 No Types Assigned |
http://blogs.zdnet.com/security/?p=1230 Third Party Advisory |
| Changed |
Reference Type |
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html No Types Assigned |
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html Third Party Advisory |
| Changed |
Reference Type |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 No Types Assigned |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 Broken Link |
| Changed |
Reference Type |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 No Types Assigned |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 Broken Link |
| Changed |
Reference Type |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 No Types Assigned |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 Broken Link |
| Changed |
Reference Type |
http://secunia.com/advisories/30467 Vendor Advisory |
http://secunia.com/advisories/30467 Permissions Required, Vendor Advisory |
| Changed |
Reference Type |
http://securitytracker.com/id?1020150 No Types Assigned |
http://securitytracker.com/id?1020150 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm No Types Assigned |
http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm Third Party Advisory |
| Changed |
Reference Type |
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138 No Types Assigned |
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138 Third Party Advisory |
| Changed |
Reference Type |
http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html No Types Assigned |
http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html Broken Link |
| Changed |
Reference Type |
http://www.microsoft.com/technet/security/advisory/953818.mspx No Types Assigned |
http://www.microsoft.com/technet/security/advisory/953818.mspx Mitigation, Vendor Advisory, Patch |
| Changed |
Reference Type |
http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx No Types Assigned |
http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx Mitigation, Vendor Advisory, Patch |
| Changed |
Reference Type |
http://www.microsoft.com/technet/security/bulletin/ms09-015.mspx No Types Assigned |
http://www.microsoft.com/technet/security/bulletin/ms09-015.mspx Mitigation, Vendor Advisory, Patch |
| Changed |
Reference Type |
http://www.securityfocus.com/bid/29445 No Types Assigned |
http://www.securityfocus.com/bid/29445 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
http://www.securitytracker.com/id?1022047 No Types Assigned |
http://www.securitytracker.com/id?1022047 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
http://www.us-cert.gov/cas/techalerts/TA09-104A.html US Government Resource |
http://www.us-cert.gov/cas/techalerts/TA09-104A.html Third Party Advisory, US Government Resource |
| Changed |
Reference Type |
http://www.vupen.com/english/advisories/2008/1706 No Types Assigned |
http://www.vupen.com/english/advisories/2008/1706 Broken Link |
| Changed |
Reference Type |
http://www.vupen.com/english/advisories/2009/1028 No Types Assigned |
http://www.vupen.com/english/advisories/2009/1028 Broken Link |
| Changed |
Reference Type |
http://www.vupen.com/english/advisories/2009/1029 No Types Assigned |
http://www.vupen.com/english/advisories/2009/1029 Broken Link |
| Changed |
Reference Type |
http://xforce.iss.net/xforce/xfdb/42765 No Types Assigned |
http://xforce.iss.net/xforce/xfdb/42765 Third Party Advisory, VDB Entry |
Initial CVE Analysis -
11/8/2016 9:49:18 AM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
Record truncated, showing 500 of 1798 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:x64:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:pro:x64:*:*:*:*
|
Record truncated, showing 500 of 1731 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:pro:x64:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*
|
Initial CVE Analysis -
11/8/2016 9:16:11 AM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
Record truncated, showing 500 of 2626 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c |
Record truncated, showing 500 of 1798 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:pro:x64:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:xp:sp2:pro:x64:*:*:*:*
|
Initial CVE Analysis -
11/8/2016 9:05:20 AM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
Record truncated, showing 500 of 4344 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c |
Record truncated, showing 500 of 2626 characters.
View Entire Change Record
Configuration 1
AND
OR
cpe:2.3:o:microsoft:windows-nt:vista:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:business:64bit:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:vista:sp1:enterprise:64bit:*:*:*:*
c |
| Changed |
Reference Type |
http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx No Types Assigned |
http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx Third Party Advisory |
| Changed |
Reference Type |
http://blogs.zdnet.com/security/?p=1230 No Types Assigned |
http://blogs.zdnet.com/security/?p=1230 Third Party Advisory |
| Changed |
Reference Type |
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html No Types Assigned |
http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html Third Party Advisory |
| Changed |
Reference Type |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 No Types Assigned |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5782 Broken Link |
| Changed |
Reference Type |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 No Types Assigned |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6108 Broken Link |
| Changed |
Reference Type |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 No Types Assigned |
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8509 Broken Link |
| Changed |
Reference Type |
http://secunia.com/advisories/30467 Vendor Advisory |
http://secunia.com/advisories/30467 Permissions Required, Vendor Advisory |
| Changed |
Reference Type |
http://securitytracker.com/id?1020150 No Types Assigned |
http://securitytracker.com/id?1020150 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm No Types Assigned |
http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm Third Party Advisory |
| Changed |
Reference Type |
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138 No Types Assigned |
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138 Third Party Advisory |
| Changed |
Reference Type |
http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html No Types Assigned |
http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html Broken Link |
| Changed |
Reference Type |
http://www.securityfocus.com/bid/29445 No Types Assigned |
http://www.securityfocus.com/bid/29445 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
http://www.securitytracker.com/id?1022047 No Types Assigned |
http://www.securitytracker.com/id?1022047 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
http://www.vupen.com/english/advisories/2008/1706 No Types Assigned |
http://www.vupen.com/english/advisories/2008/1706 Broken Link |
| Changed |
Reference Type |
http://www.vupen.com/english/advisories/2009/1028 No Types Assigned |
http://www.vupen.com/english/advisories/2009/1028 Broken Link |
| Changed |
Reference Type |
http://www.vupen.com/english/advisories/2009/1029 No Types Assigned |
http://www.vupen.com/english/advisories/2009/1029 Broken Link |
| Changed |
Reference Type |
http://xforce.iss.net/xforce/xfdb/42765 No Types Assigned |
http://xforce.iss.net/xforce/xfdb/42765 Third Party Advisory, VDB Entry |
Initial CVE Analysis -
6/4/2008 2:09:00 PM
Quick Info
CVE Dictionary Entry:
CVE-2008-2540
NVD Published Date:
06/03/2008
NVD Last Modified:
10/12/2018
|