Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1290

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1290
Last Modified 10 Sep 2008 03:10:11
Published 28 Jun 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1290

Summary

admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter.

Vulnerable Systems

Application

  • Active Web Suite Technologies Active Classifieds 1.0


References

XF - active-classifieds-admin-access(6754)

BUGTRAQ - 20010627 Active Web Classifieds failure to authenticate leads to arbitrary code execution

BID - 2942

OSVDB - 12326


Last Updated: 27 May 2016 10:36:36