Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CAN-2005-2498
Beschreibung:Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML- RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
Test Kennungen:  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2005-2498
BugTraq ID: 14560
Bugtraq: 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability (Google Search)
Bugtraq: 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue (Google Search)
Bugtraq: 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities (Google Search)
Debian Security Information: DSA-789 (Google Search)
Debian Security Information: DSA-798 (Google Search)
Debian Security Information: DSA-840 (Google Search)
Debian Security Information: DSA-842 (Google Search)
RedHat Security Advisories: RHSA-2005:748
SuSE Security Announcement: SUSE-SA:2005:049 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:051 (Google Search)

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.