Lucene search

[email protected]CVE-2003-1410

HistoryOct 20, 2007 - 10:00 a.m.

CVE-2003-1410

2007-10-2010:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2003-1410

php

remote file inclusion

vulnerability

email.php

email.php3

cedric email reader

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.068 Low

EPSS

Percentile

93.9%

JSON

PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cer_skin parameter.

Affected configurations

NVD

Node

isocacedric_email_readerMatch0.2

isocacedric_email_readerMatch0.3

CPENameOperatorVersion
isoca:cedric_email_readerisoca cedric email readereq0.2
isoca:cedric_email_readerisoca cedric email readereq0.3

CPE	Name	Operator	Version
isoca:cedric_email_reader	isoca cedric email reader	eq	0.2
isoca:cedric_email_reader	isoca cedric email reader	eq	0.3

References

secunia.com/advisories/8024

www.osvdb.org/5487

www.securityfocus.com/archive/1/311173

www.securityfocus.com/bid/6818

exchange.xforce.ibmcloud.com/vulnerabilities/11278

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.068 Low

EPSS

Percentile

93.9%

JSON

Related for CVE-2003-1410

cvelist1 nvd1