Vulnerability CVE-2006-6454


Published: 2006-12-10   Modified: 2012-02-12

Description:
execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
J-owamp -> Web interface 

 References:
http://www.vupen.com/english/advisories/2006/4905
https://exchange.xforce.ibmcloud.com/vulnerabilities/30781

Copyright 2024, cxsecurity.com

 

Back to Top