Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1584

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-1584
Last Modified 05 Sep 2008 05:02:18
Published 02 Apr 2006 05:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1584

Summary

Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.

Vulnerable Systems

Application

  • Juliusz Julas Gonera Warcraft Iii Replay Parser Php 1.8c


References

BID - 17334

BUGTRAQ - 20060331 Warcraft III Replay Parser Script Remote Command Exucetion Vulnerability And Cross-Site Scripting Attacking

XF - warcraft3-replay-parser-index-file-include(25686)


Last Updated: 27 May 2016 10:42:06