Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5061

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-5061
Last Modified 08 Feb 2012 12:00:00
Published 13 Jan 2012 10:57:27
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-5061

Summary

functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.

Vulnerable Systems

Application

  • Whmcs 4.2

  • Whmcs Whmcompletesolution 4.0.0

  • Whmcs Whmcompletesolution 4.0.1

  • Whmcs Whmcompletesolution 4.0.2

  • Whmcs Whmcompletesolution 4.1.0

  • Whmcs Whmcompletesolution 4.1.1

  • Whmcs Whmcompletesolution 4.1.2

  • Whmcs Whmcompletesolution 4.2.0

  • Whmcs Whmcompletesolution 4.2.1

  • Whmcs Whmcompletesolution 4.3.0

  • Whmcs Whmcompletesolution 4.3.1

  • Whmcs Whmcompletesolution 4.4.0

  • Whmcs Whmcompletesolution 4.4.1

  • Whmcs Whmcompletesolution 4.4.2

  • Whmcs Whmcompletesolution 4.5.0

  • Whmcs Whmcompletesolution 4.5.1

  • Whmcs Whmcompletesolution 4.5.2

  • Whmcs Whmcompletesolution 5.0.0

  • Whmcs Whmcompletesolution 5.0.1

  • Whmcs Whmcompletesolution 5.0.2

  • Whmcs Whmcompletesolution 5.0.3


References

CONFIRM - http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35

CONFIRM - http://forum.whmcs.com/showthread.php?t=43462


Last Updated: 27 May 2016 10:57:20