Lucene search

K
cve[email protected]CVE-2005-4154
HistoryDec 11, 2005 - 2:03 a.m.

CVE-2005-4154

2005-12-1102:03:00
NVD-CWE-noinfo
web.nvd.nist.gov
24
vulnerability
pear installer
user-assisted attackers
arbitrary code
crafted package
cve-2005-4154
nvd

7.6 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.4%

Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.

7.6 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.4%

Related for CVE-2005-4154