Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2682

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2682
Last Modified 10 Sep 2008 03:43:04
Published 23 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2682

Summary

aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable).

Vulnerable Systems

Application

  • Dtlink Areaedit 0.4.2


References

CONFIRM - http://www.formvista.com/otherprojects/areaedit

SECUNIA - 16511

CONFIRM - http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47


Last Updated: 27 May 2016 10:40:36