Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2625

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2625
Last Modified 05 Sep 2008 04:52:15
Published 19 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2625

Summary

Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist.

Vulnerable Systems

Application

  • Cpaint


References

BUGTRAQ - 20050816 RE: Vulnerability found in CPAINT Ajax Toolkit


Last Updated: 27 May 2016 10:40:34