Lucene search
Ubuntu.comUB:CVE-2006-2685HistoryMay 31, 2006 - 12:00 a.m.
CVE-2006-2685
2006-05-3100:00:00
ubuntu.com
ubuntu.com
17
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.953 High
EPSS
Percentile
99.4%
PHP remote file inclusion vulnerability in Basic Analysis and Security
Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows
remote attackers to execute arbitrary PHP code via a URL in the BASE_path
parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3)
includes/base_include.inc.php.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.10 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
| ubuntu | 7.04 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
| ubuntu | 7.10 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
| ubuntu | 8.04 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
| ubuntu | 8.10 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
| ubuntu | 9.04 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
| ubuntu | 9.10 | noarch | acidbase | < 1.2.5-1 | UNKNOWN |
Related
saint
saint
BASE base_qry_common.php file include
2006-06-23 00:00:00
BASE base_qry_common.php file include
2006-06-23 00:00:00
BASE base_qry_common.php file include
2006-06-23 00:00:00
cvelist
cvelist
CVE-2006-2685
2006-05-31 10:00:00
nvd
nvd
CVE-2006-2685
2006-05-31 10:06:00
prion
prion
Remote file inclusion
2006-05-31 10:06:00
cve
cve
CVE-2006-2685
2006-05-31 10:06:00
packetstorm
packetstorm
BASE base_qry_common Remote File Include
2009-10-30 00:00:00
nessus
nessus
BASE Multiple Script BASE_path Parameter Remote File Inclusion
2006-05-27 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.953 High
EPSS
Percentile
99.4%
Related for UB:CVE-2006-2685