CVE-2008-3882

NameCVE-2008-3882
DescriptionUnspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs497640

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
zoneminder (PTS)bullseye1.34.23-1fixed
sid, bookworm1.36.33+dfsg1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
zonemindersource(unstable)1.24.1-1497640

Search for package or bug name: Reporting problems