PT-2006-5993 · Asbru+1 · Asbru Website Manager+3

Publicado

2006-10-12

Atualizado

2011-06-13

CVE-2006-5258

CVSS v2.0

5.1

Média

Vetor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Asbru Web Content Management versions prior to 6.1.22 Asbru Web Content Editor versions prior to 6.0.22 Asbru Website Manager versions prior to 6.0.22

Description The issue allows remote attackers to execute arbitrary commands due to a lack of sanitization in an unspecified parameter before invoking Aspell in the spell checking component.

Recommendations For Asbru Web Content Management versions prior to 6.1.22, update to version 6.1.22 or later. For Asbru Web Content Editor versions prior to 6.0.22, update to version 6.0.22 or later. For Asbru Website Manager versions prior to 6.0.22, update to version 6.0.22 or later.

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2006-5258

Produtos afetados

Asbru Web Content Editor

Asbru Web Content Management

Asbru Website Manager

Aspell

PT-2006-5993 · Asbru+1 · Asbru Website Manager+3

CVE-2006-5258

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11