CVE-2008-2230
reportbug 3.8 and 3.31 - Unauthenticated Remote Code Execution via Malicious Module File
Title source: llmDescription
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43001
Exploit x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484311
Exploit x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484474
Scores
EPSS
0.0053
EPSS Percentile
40.6%
Details
CWE
CWE-94
Status
published
Products (41)
reportbug-ng/reportbug
3.8
reportbug-ng/reportbug
3.31
reportbug-ng/reportbug-ng
0.2007.03.10
reportbug-ng/reportbug-ng
0.2007.03.11
reportbug-ng/reportbug-ng
0.2007.03.13
reportbug-ng/reportbug-ng
0.2007.03.14
reportbug-ng/reportbug-ng
0.2007.03.15
reportbug-ng/reportbug-ng
0.2007.03.17
reportbug-ng/reportbug-ng
0.2007.03.19
reportbug-ng/reportbug-ng
0.2007.03.19.2
... and 31 more
Published
Jun 11, 2008
Tracked Since
Feb 18, 2026