VDB
CVE-2008-0786
CVE-2008-0786
PUBLISHED
CVSS 4.300000190734863 MEDIUM
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
EPSS 1.29% · 80.0th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
1.29%
80.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cacti | cacti | 0.8.1, 0.6.7, 0.8.2a |
| n/a | n/a | n/a |
Timeline
- Feb 14, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- FEDORA-2008-1737 vendor-advisory
- 29242 third-party-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=432758 url
- 3657 third-party-advisory
- SUSE-SR:2008:005 vendor-advisory
- GLSA-200803-18 vendor-advisory
- 28872 third-party-advisory
- MDVSA-2008:052 vendor-advisory
- http://www.cacti.net/release_notes_0_8_7b.php url
- 29274 third-party-advisory
- 20080212 cacti -- Multiple security vulnerabilities have been discovered mailing-list
- http://secunia.com/advisories/28976 technical
- ADV-2008-0540 vdb
- 27749 vdb
- FEDORA-2008-1699 vendor-advisory
- 1019414 vdb
- 20080212 Cacti 0.8.7a Multiple Vulnerabilities mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2008-0786 advisory