Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3554

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-3554
Last Modified 13 Sep 2011 12:00:00
Published 16 Nov 2005 02:42:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-3554

Summary

Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary code on the server via unknown attack vectors involving uninitialized variables.

Vulnerable Systems

Application

  • Phpkit 1.6.02

  • Phpkit 1.6.03

  • Phpkit 1.6.1


References

XF - phpkit-eval-code-execution(23015)

VUPEN - ADV-2005-2344

BID - 15354

OSVDB - 20563

MISC - http://www.hardened-php.net/advisory_212005.80.html

SECTRACK - 1015167

SECUNIA - 17479

BUGTRAQ - 20051105 Advisory 21/2005: Multiple vulnerabilities in PHPKIT


Last Updated: 27 May 2016 10:40:58