Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6550

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6550
Last Modified 07 Mar 2011 10:03:10
Published 27 Dec 2007 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6550

Summary

form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.

Vulnerable Systems

Application

  • Pmos Helpdesk 2.4


References

VUPEN - ADV-2007-4321

MILW0RM - 4789

OSVDB - 42662

XF - pmoshelpdesk-form-code-execution(39274)

BID - 27032

SECUNIA - 28201


Last Updated: 27 May 2016 10:46:32