CVEブラウザに戻る

CVE-2008-7173

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0870%

EPSS Percentile43.06th

Published2009年9月8日

Last Modified2026年4月23日

Vulnerability Description

The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical damage), modify coffee settings, and possibly execute code via a crafted request. NOTE: this issue is being included in CVE because the denial of service may include financial loss or water damage.

Affected Platforms (CPE)

📦

Juracapecoffee

Internet Connectivity Kit

All versions

References & Advisories

🔗 http://attrition.org/pipermail/vim/2008-June/002002.html

🔗 http://news.cnet.com/8301-10784_3-9970757-7.html

🔗 http://osvdb.org/46407

🔗 http://www.securityfocus.com/archive/1/493387/100/0/threaded

🔗 http://www.securityfocus.com/archive/1/493433/100/0/threaded

🔗 http://www.securityfocus.com/archive/1/493440/100/0/threaded

🔗 http://www.securityfocus.com/bid/29767

🔗 http://attrition.org/pipermail/vim/2008-June/002002.html

関連する脆弱性情報

CVE-2008-717410.0

Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cau...

CVE-2007-26237.8

Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers to cause a denial of service (I...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-034310.0

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has u...