Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-1921
HistoryJul 05, 2005 - 12:00 a.m.

CVE-2005-1921

2005-07-0500:00:00
ubuntu.com
ubuntu.com
16

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.959 High

EPSS

Percentile

99.4%

Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC
or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and
earlier, as used in products such as (1) WordPress, (2) Serendipity, (3)
Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8)
Ampache, and others, allows remote attackers to execute arbitrary PHP code
via an XML file, which is not properly sanitized before being used in an
eval statement.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchphp5< 5.1.2-1ubuntu3.9UNKNOWN
ubuntu6.10noarchphp5< 5.1.6-1ubuntu2.6UNKNOWN
ubuntu7.04noarchphp5< 5.2.1-0ubuntu1.4UNKNOWN
ubuntu6.06noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu6.10noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu7.04noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.959 High

EPSS

Percentile

99.4%

Related for UB:CVE-2005-1921