Lucene search

K

MitreCVELIST:CVE-2005-1924

HistoryJul 15, 2007 - 10:00 p.m.

CVE-2005-1924

2007-07-1522:00:00

mitre

www.cve.org

2

AI Score

7

Confidence

Low

EPSS

0.158

Percentile

96.0%

The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and © keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636.

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=329

labs.idefense.com/intelligence/vulnerabilities/display.php?id=331

osvdb.org/37923

osvdb.org/37924

secunia.com/advisories/26035

secunia.com/advisories/26424

security.gentoo.org/glsa/glsa-200708-08.xml

www.attrition.org/pipermail/vim/2007-July/001710.html

www.securityfocus.com/archive/1/473370/100/0/threaded

www.securityfocus.com/bid/24874

www.vupen.com/english/advisories/2007/2513

exchange.xforce.ibmcloud.com/vulnerabilities/35355

exchange.xforce.ibmcloud.com/vulnerabilities/35364

www.exploit-db.com/exploits/4173

AI Score

7

Confidence

Low

EPSS

0.158

Percentile

96.0%

Related for CVELIST:CVE-2005-1924

cve3 nvd3 exploitdb3 securityvulns2 prion2 redhatcve2 cvelist2 openvas2 nessus1 gentoo1 seebug1