Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-2498
HistoryAug 15, 2005 - 12:00 a.m.

CVE-2005-2498

2005-08-1500:00:00
ubuntu.com
ubuntu.com
11

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

85.0%

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC
for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew,
(3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute
arbitrary PHP code via certain nested XML tags in a PHP document that
should not be nested, which are injected into an eval function call, a
different vulnerability than CVE-2005-1921.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchdrupal< 4.5.8-1UNKNOWN
ubuntu6.10noarchdrupal< 4.5.8-1UNKNOWN
ubuntu6.06noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu6.10noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu7.04noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu7.10noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu8.04noarchegroupware< 1.0.0.009.dfsg-3-4UNKNOWN
ubuntu6.06noarchphp5< 5.1.2-1ubuntu3.9UNKNOWN
ubuntu6.10noarchphp5< 5.1.6-1ubuntu2.6UNKNOWN
ubuntu7.04noarchphp5< 5.2.1-0ubuntu1.4UNKNOWN
Rows per page:
1-10 of 171

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

85.0%