Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4087

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4087
Last Modified 05 Sep 2008 04:56:05
Published 08 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4087

Summary

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.

Vulnerable Systems

Application

  • Sugarcrm Sugar Suite 3.5

  • Sugarcrm Sugar Suite 4.0 Beta


References

XF - sugarsuite-acceptdecline-file-include(23541)

BID - 15760

BUGTRAQ - 20051207 SugarSuite Open Source <= 4.0beta Remote code execution

SREASON - 239


Last Updated: 27 May 2016 10:41:11