Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4495


Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4495
Last Modified 08 Aug 2011 12:00:00
Published 22 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



** DISPUTED ** SQL injection vulnerability in index.cfm in SpireMedia mx7 allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the vendor has disputed this issue, stating "This information is incorrect, unproven, and potentially slanderous." However, CVE and OSVDB have both performed additional research that suggests that this might be path disclosure from invalid SQL syntax.

Vulnerable Systems


  • Spiremedia Mx7


VUPEN - ADV-2005-3053

BID - 16039

OSVDB - 22066


Last Updated: 27 May 2016 10:41:19