Lucene search

[email protected]CVE-2001-1187

HistoryDec 11, 2001 - 5:00 a.m.

CVE-2001-1187

2001-12-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1187

csvform.pl

remote attack

command execution

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.2%

JSON

csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter.

CPENameOperatorVersion
mutasem_abudahab:csvform_plusmutasem abudahab csvform pluseq1.0
mutasem_abudahab:csvformmutasem abudahab csvformeq0.1

CPE	Name	Operator	Version
mutasem_abudahab:csvform_plus	mutasem abudahab csvform plus	eq	1.0
mutasem_abudahab:csvform	mutasem abudahab csvform	eq	0.1

References

online.securityfocus.com/archive/1/244908

www.iss.net/security_center/static/7692.php

www.securityfocus.com/bid/3668

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.2%

JSON