| |
Vulnerability CVE-2005-2625
Published: 2005-08-19 Modified: 2012-02-12
| Description: |
Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist. |
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://marc.theaimsgroup.com/?l=bugtraq&m=112421484419768&w=2
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
