Vulnerability Key Information Vulnerability Overview Vulnerability Name: CGIWrap error message can be manipulated to compromise Web browsers CVE ID: CVE-2008-2852 CVSS Score Base Score: 4.3 - Access Vector: Network - Access Complexity: Medium - Authentication: None - Confidentiality Impact: None - Integrity Impact: Partial - Availability Impact: None Temporal Score: 3.7 - Exploitability: High - Remediation Level: Official Fix - Report Confidence: Confirmed Affected Scope Affected Products: - Nathan Neulinger CGIWrap 4.0 - Nathan Neulinger CGIWrap 3.5 - Nathan Neulinger CGIWrap 3.6 - Nathan Neulinger CGIWrap 3.6.1 Dependent Products: - TurboLinux TurboLinux Appliance Server 1.0 Hosting Ed - TurboLinux TurboLinux Appliance Server 1.0 Workgroup Ed - TurboLinux TurboLinux Appliance Server 2.0 - TurboLinux TurboLinux FUJI Consequences Consequence: Gain Access Solution Remediation: Upgrade to the latest version of CGIWrap (4.1 or higher), available from SourceForge.net: Files.