CyberSec.Space Logo
Back to CVE Browser

CVE-2008-1136

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile5.90th
PublishedMar 4, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679.

Affected Platforms (CPE)

πŸ“¦
Synce

Synce

= 0.10.0
πŸ“¦
Synce

Synce

= 0.92

References & Advisories

πŸ”— http://secunia.com/advisories/29228
πŸ”— http://secunia.com/advisories/29285
πŸ”— http://securityreason.com/securityalert/3710
πŸ”— http://sourceforge.net/forum/forum.php?forum_id=766440
πŸ”— http://www.coresecurity.com/?action=item&id=2070
πŸ”— http://www.securityfocus.com/archive/1/485884/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/27178
πŸ”— http://www.securityfocus.com/bid/28141

Related Vulnerabilities

CVE-2001-098110.0

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without spec...

CVE-2000-049310.0

Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execut...

CVE-2021-2879910.0

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, th...

CVE-2007-421910.0

Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Mic...