Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1599

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1599
Last Modified 07 Mar 2011 09:33:24
Published 03 Apr 2006 01:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1599

Summary

Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3, when the VC_CRYPTO_METHOD option is OPENSSL, allows remote attackers to execute arbitrary commands, possibly due to problems in the (1) enrypt and (2) decrypt functions.

Vulnerable Systems

Application

  • V-creator.com V-creator 1.3 Pre2


References

XF - vcreator-vcengine-command-execution(25560)

SECUNIA - 19453

VUPEN - ADV-2006-1189

BID - 17328

CONFIRM - http://sourceforge.net/forum/forum.php?forum_id=557129

OSVDB - 24304


Last Updated: 27 May 2016 10:42:08