Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1032

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1032
Last Modified 07 Mar 2011 09:31:45
Published 07 Mar 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1032

Summary

Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.

Vulnerable Systems

Application

  • Phprpc 0.7

  • Phprpc 0.8

  • Phprpc 0.9


References

VUPEN - ADV-2006-0745

BID - 16833

BUGTRAQ - 20060226 phpRPC Library Remote Code Execution

MISC - http://www.gulftech.org/?node=research&article_id=00105-02262006

SECTRACK - 1015691

SREASON - 502

SECUNIA - 19058

SECUNIA - 19028


Last Updated: 27 May 2016 10:41:54