Lucene search

K
cve[email protected]CVE-2002-1650
HistoryMar 28, 2005 - 5:00 a.m.

CVE-2002-1650

2005-03-2805:00:00
web.nvd.nist.gov
27
squirrelmail
spell checker
remote attack
arbitrary commands
cve-2002-1650
nvd

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter.

Affected configurations

NVD
Node
squirrelmailsquirrelmailMatch1.2.2

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

Related for CVE-2002-1650