CVE-2005-0239

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the cert parameter.

Ссылки

http://www.idefense.com/application/poi/display?id=191&type=vulnerabilities&flashstatus=false
Vendor Advisory
http://www.kb.cert.org/vuls/id/502328
Patch
Third Party Advisory
US Government Resource
http://www.squirrelmail.org/plugin_view.php?id=54
https://exchange.xforce.ibmcloud.com/vulnerabilities/19242
http://www.idefense.com/application/poi/display?id=191&type=vulnerabilities&flashstatus=false
Vendor Advisory
http://www.kb.cert.org/vuls/id/502328
Patch
Third Party Advisory
US Government Resource
http://www.squirrelmail.org/plugin_view.php?id=54
https://exchange.xforce.ibmcloud.com/vulnerabilities/19242

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:squirrelmail:s_mime_plugin:0.4:*:*:*:*:*:*:*

cpe:2.3:a:squirrelmail:s_mime_plugin:0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01788

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-872m-5w27-hc4r

github

почти 4 года назад