CVE-2008-0932
The SWORD Project Diatheke < 1.5.9 - Remote Command Execution via Range Parameter
Title source: llmDescription
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
References (13)
Core 13
Core References
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00769.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00806.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29012
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29115
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466449
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29181
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25400
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1508
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27874
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0670/references
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200803-06.xml
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=433723
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27987
Scores
EPSS
0.0290
EPSS Percentile
85.3%
Details
CWE
CWE-20
Status
published
Products (2)
the_sword_project/diatheke_front_end
< 1.5.9
the_sword_project/sword
< 1.5.9
Published
Feb 25, 2008
Tracked Since
Feb 18, 2026