{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T16:04:32.599","vulnerabilities":[{"cve":{"id":"CVE-2008-1688","sourceIdentifier":"cve@mitre.org","published":"2008-04-09T19:05:00.000","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option.  NOTE: it is not clear when this issue crosses privilege boundaries."},{"lang":"es","value":"Vulnerabilidad no especificada en GNU m4 versiones anteriores a 1.4.11 podría permitir a  atacantes dependientes de contexto ejecutar código se su elección, relacionado con el manejo no apropiado de nombres de ficheros específicados con la opción -F.\r\nNOTA: no está claro cuando esta cuestión cruza fronteras de privilegios.\r\n\r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":true,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"5157211A-80A7-4694-9D45-E1C4CA9DA2C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"2E10A3A6-8DC0-4BFD-8C4F-4B6B7C5EC03B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"77C4D372-B593-4AF4-A2C1-A5F1657B28EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.4:*:*:*:*:*:*:*","matchCriteriaId":"964FCBD7-B697-4D9A-AD73-F5ED3631FBB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"4BE99BE1-1956-41DB-8E9C-684D3040CEAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.6:*:*:*:*:*:*:*","matchCriteriaId":"96348B9C-BB73-404D-8A68-0A96B793BC3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.7:*:*:*:*:*:*:*","matchCriteriaId":"4F6DD41B-D8EF-4D1E-B939-9CB0D85D8217"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.8:*:*:*:*:*:*:*","matchCriteriaId":"C62D0160-F302-43A4-A244-DFD92BC9FD49"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.9:*:*:*:*:*:*:*","matchCriteriaId":"886BBA7D-DE20-4A47-9896-E71BA25E9205"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:m4:1.4.10:*:*:*:*:*:*:*","matchCriteriaId":"3AF0E0A6-401D-4306-88EC-5FFD207C39BF"}]}]}],"references":[{"url":"http://osvdb.org/44272","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/29671","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/29729","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612","source":"cve@mitre.org"},{"url":"http://www.openwall.com/lists/oss-security/2008/04/07/1","source":"cve@mitre.org"},{"url":"http://www.openwall.com/lists/oss-security/2008/04/07/3","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/28688","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2008/1151/references","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41704","source":"cve@mitre.org"},{"url":"http://osvdb.org/44272","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/29671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/29729","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2008/04/07/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2008/04/07/3","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/28688","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2008/1151/references","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41704","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vendorComments":[{"organization":"Red Hat","comment":"Red Hat does not consider this to be a security issue.  After careful analysis of this issue the Red Hat Security Response Team has determined that this bug has no security impact outside of expected m4 behavior.","lastModified":"2008-04-15T00:00:00"}]}}]}