Lucene search

MitreCVE-2003-1456

HistoryOct 23, 2007 - 1:00 a.m.

CVE-2003-1456

2007-10-2301:00:00

CWE-20

mitre

web.nvd.nist.gov

cve-2003-1456

album.pl

remote attack

command execution

alternative configuration file

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.4

Confidence

Low

EPSS

0.02

Percentile

89.1%

JSON

Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.

Affected configurations

Nvd

Node

linuxlinux_kernel

microsoftall_windows

unixunix

AND

mike_bobbittalbum.plRange≤6.1

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
microsoftall_windows*cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*
unixunix*cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*
mike_bobbittalbum.pl*cpe:2.3:a:mike_bobbitt:album.pl:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
microsoft	all_windows	*	cpe:2.3:o:microsoft:all_windows::::::::
unix	unix	*	cpe:2.3:o:unix:unix::::::::
mike_bobbitt	album.pl	*	cpe:2.3:a:mike_bobbitt:album.pl::::::::

References

perl.bobbitt.ca/yabbse/index.php?board=2%3Baction=display%3Bthreadid=720

securityreason.com/securityalert/3270

www.securityfocus.com/archive/1/319763

www.securityfocus.com/bid/7444

exchange.xforce.ibmcloud.com/vulnerabilities/11878

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.4

Confidence

Low

EPSS

0.02

Percentile

89.1%

JSON

Related for CVE-2003-1456