CVE-2005-1921

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PEAR XML RPC versions 1.3.0 and earlier PHPXMLRPC versions 1.1 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement. This affects products such as WordPress, Serendipity, Drupal, egroupware, MailWatch, TikiWiki, phpWebSite, Ampache, and others.

Recommendations For PEAR XML RPC versions 1.3.0 and earlier, update to a version later than 1.3.0 to resolve the issue. For PHPXMLRPC versions 1.1 and earlier, update to a version later than 1.1 to resolve the issue. As a temporary workaround, consider disabling the use of XML files in the affected products until a patch is available. Restrict access to the eval statement in the affected PHP code to minimize the risk of exploitation.

Exploit

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2005-1921

DSA-745-1

DSA-746-1

DSA-747-1

DSA-789-1

DTSA-15-1

RHSA-2005:564

RHSA-2005_564

Affected Products

Ampache

Drupal

Mailwatch

Pear Xml Rpc

Phpxmlrpc

Red Hat

Serendipity

Tikiwiki

Wordpress

Egroupware

Phpwebsite

CVE-2005-1921

Weakness Enumeration

Related Identifiers

Affected Products

References · 63