CVE-2008-1040 - OpenCVE

Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fujitsu	Interstage Application Server Enterprise Interstage Application Server Standard J Interstage Apworks Enterprise Interstage Apworks Standard J Interstage Studio Enterprise Interstage Studio Standard J

Configuration 1 [-]

OR	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.0::rehl_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.0::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.0::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.1::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.2::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.2::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.2::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.2::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.3::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.3::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.3::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:8.0.3::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::rhel_as4_ipf:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::rhel5_intel64:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::rhel5_ipf:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::rhel5_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0a::rhel_as4_ipf:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0a::rhel5_ipf:::::
	cpe:2.3:a:fujitsu:interstage_application_server_enterprise:v9.0.0a::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.0::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.0::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.0::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.2::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.2::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.2::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.2::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.3::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.3::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.3::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:8.0.3::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::rhel_as4_em64t:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::rhel_as4_ipf:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::rhel_as4_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::rhel5_intel64:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::rhel5_ipf:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::rhel5_x86:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::solaris:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_application_server_standard_j:v9.0.0a::windows:::::
	cpe:2.3:a:fujitsu:interstage_apworks_enterprise:8.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_apworks_standard_j:8.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_studio_enterprise:8.0.1::windows:::::
	cpe:2.3:a:fujitsu:interstage_studio_enterprise:v9.0.0::windows:::::
	cpe:2.3:a:fujitsu:interstage_studio_standard_j:8.0.1::windows:::::
	cpe:2.3:a:fujitsu:interstage_studio_standard_j:v9.0.0::windows:::::

No data.

References

Link	Providers
http://secunia.com/advisories/29088
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200804e.html
http://www.securityfocus.com/bid/27966
http://www.vupen.com/english/advisories/2008/0662

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-02-27T19:00:00

Updated: 2024-08-07T08:08:57.585Z

Reserved: 2008-02-27T00:00:00

Link: CVE-2008-1040

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-02-27T19:44:00.000

Modified: 2011-03-08T03:05:50.703

Link: CVE-2008-1040

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object