Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2837

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2837
Last Modified 05 Sep 2008 04:52:47
Published 07 Sep 2005 04:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2837

Summary

Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.

Vulnerable Systems

Application

  • Plain Black Webgui 5.2.3

  • Plain Black Webgui 5.2.4

  • Plain Black Webgui 6.2

  • Plain Black Webgui 6.2.1

  • Plain Black Webgui 6.2.2

  • Plain Black Webgui 6.2.3

  • Plain Black Webgui 6.2.4

  • Plain Black Webgui 6.2.5

  • Plain Black Webgui 6.2.6

  • Plain Black Webgui 6.2.7

  • Plain Black Webgui 6.2.8

  • Plain Black Webgui 6.2.9

  • Plain Black Webgui 6.3.0

  • Plain Black Webgui 6.4.0

  • Plain Black Webgui 6.5.0 Beta

  • Plain Black Webgui 6.6.0

  • Plain Black Webgui 6.7.0

  • Plain Black Webgui 6.7.1

  • Plain Black Webgui 6.7.2


References

BID - 14732

CONFIRM - http://www.plainblack.com/getwebgui/advisories/security-exploit-found-in-6.x-versions


Last Updated: 27 May 2016 10:40:39