Vulnerability Database

296,334

Total vulnerabilities in the database

CVE-2008-1688

Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.

  • Published: Apr 9, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-1688
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
gnu / m4 1.4.8 1.4.8.x
gnu / m4 1.4.10 1.4.10.x
gnu / m4 1.4.3 1.4.3.x
gnu / m4 1.4.6 1.4.6.x
gnu / m4 1.4.9 1.4.9.x
gnu / m4 1.4.7 1.4.7.x
gnu / m4 1.4.1 1.4.1.x
gnu / m4 1.4.4 1.4.4.x
gnu / m4 1.4.2 1.4.2.x
gnu / m4 1.4.5 1.4.5.x