Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3549

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2005-3549
Last Modified 05 Sep 2008 04:54:41
Published 16 Nov 2005 02:42:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-3549

Summary

Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now".

Vulnerable Systems

Application

  • Invision Power Services Invision Board 2.0.1


References

SECUNIA - 17443

BUGTRAQ - 20051104 Invision Power Board Privilege Esaclation (2.0.1 + more)

XF - ipb-taskmanager-code-execution(40003)


Last Updated: 27 May 2016 10:40:58