What is the severity of CVE-2008-5185?

CVE-2008-5185 has a severity level associated with denial of service vulnerabilities, which can cause an infinite loop in the application.

How do I fix CVE-2008-5185?

To fix CVE-2008-5185, upgrade GeSHi to version 1.0.8 or later to incorporate security patches.

What software versions are affected by CVE-2008-5185?

CVE-2008-5185 affects GeSHi versions prior to 1.0.8, including versions like 1.0.7.22 and earlier.

Is CVE-2008-5185 exploitable remotely?

Yes, CVE-2008-5185 can be exploited remotely through specially crafted XML input.

What kind of impact does CVE-2008-5185 have on applications?

CVE-2008-5185 can lead to a denial of service, causing the affected application to enter an infinite loop.

Vulnerability/
CVE-2008-5185

medium

CWE

399

21/11/2008

7/8/2024

CVE-2008-5185

First published: Fri Nov 21 2008(Updated: )

The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using "<".

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Geshi	<=1.0.7.22
Geshi	=1.0.7.2
Geshi	=1.0.7.3
Geshi	=1.0.7.17
Geshi	=1.0.7.20
Geshi	=1.0.7.15
Geshi	=1.0.7.19
Geshi	=1.0.4
Geshi	=1.0.7.7
Geshi	=1.0.7.5
Geshi	=1.0.7.6
Geshi	=1.0.7.9
Geshi	=1.0.1
Geshi	=1.0.7.16
Geshi	=1.0.6
Geshi	=1.0.7.4
Geshi	=1.0.7.10
Geshi	=1.0.7.21
Geshi	=1.0.5
Geshi	=1.0.7.14
Geshi	=1.0.7.11
Geshi	=1.0.7.12
Geshi	=1.0.2
Geshi	=1.0.3
Geshi	=1.0.2_beta_1
Geshi	=1.0.7
Geshi	=1.0.0
Geshi	=1.0.7.13
Geshi	=1.0.7.8
Geshi	=1.0.7.18
Geshi	=1.0.7.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5185?
CVE-2008-5185 has a severity level associated with denial of service vulnerabilities, which can cause an infinite loop in the application.
How do I fix CVE-2008-5185?
To fix CVE-2008-5185, upgrade GeSHi to version 1.0.8 or later to incorporate security patches.
What software versions are affected by CVE-2008-5185?
CVE-2008-5185 affects GeSHi versions prior to 1.0.8, including versions like 1.0.7.22 and earlier.
Is CVE-2008-5185 exploitable remotely?
Yes, CVE-2008-5185 can be exploited remotely through specially crafted XML input.
What kind of impact does CVE-2008-5185 have on applications?
CVE-2008-5185 can lead to a denial of service, causing the affected application to enter an infinite loop.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/geshi
canonical/geshi
version/geshi/1.0.7.22
version/geshi/1.0.7.2
version/geshi/1.0.7.3
version/geshi/1.0.7.17
version/geshi/1.0.7.20
version/geshi/1.0.7.15
version/geshi/1.0.7.19
version/geshi/1.0.4
version/geshi/1.0.7.7
version/geshi/1.0.7.5
version/geshi/1.0.7.6
version/geshi/1.0.7.9
version/geshi/1.0.1
version/geshi/1.0.7.16
version/geshi/1.0.6
version/geshi/1.0.7.4
version/geshi/1.0.7.10
version/geshi/1.0.7.21
version/geshi/1.0.5
version/geshi/1.0.7.14
version/geshi/1.0.7.11
version/geshi/1.0.7.12
version/geshi/1.0.2
version/geshi/1.0.3
version/geshi/1.0.2_beta_1
version/geshi/1.0.7
version/geshi/1.0.0
version/geshi/1.0.7.13
version/geshi/1.0.7.8
version/geshi/1.0.7.18
version/geshi/1.0.7.1