Lucene search

[email protected]CVE-1999-1180

HistoryFeb 16, 1999 - 5:00 a.m.

CVE-1999-1180

1999-02-1605:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

nvd

cve-1999-1180

o'reilly website 1.1e

website pro 2.0

remote code execution

8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

58.7%

JSON

O’Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.

CPENameOperatorVersion
oreilly:website_prooreilly website proeq2.0
oreilly:website_prooreilly website proeq2.1
oreilly:websiteoreilly websiteeq1.1e
oreilly:website_prooreilly website prole2.4

CPE	Name	Operator	Version
oreilly:website_pro	oreilly website pro	eq	2.0
oreilly:website_pro	oreilly website pro	eq	2.1
oreilly:website	oreilly website	eq	1.1e
oreilly:website_pro	oreilly website pro	le	2.4

References

oliver.efri.hr/~crv/security/bugs/NT/buffer.html

www.tryc.on.ca/archives/bugtraq/1999_1/0612.html

8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

58.7%

JSON

Related for CVE-1999-1180

nessus1