CVE-2005-1921

HIGH

Description

Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.

References

http://marc.info/?l=bugtraq&m=112008638320145&w=2

http://marc.info/?l=bugtraq&m=112015336720867&w=2

http://marc.info/?l=bugtraq&m=112605112027335&w=2

http://pear.php.net/package/XML_RPC/download/1.3.1

http://secunia.com/advisories/15810

http://secunia.com/advisories/15852

http://secunia.com/advisories/15855

http://secunia.com/advisories/15861

http://secunia.com/advisories/15872

http://secunia.com/advisories/15883

http://secunia.com/advisories/15884

http://secunia.com/advisories/15895

http://secunia.com/advisories/15903

http://secunia.com/advisories/15904

http://secunia.com/advisories/15916

http://secunia.com/advisories/15917

http://secunia.com/advisories/15922

http://secunia.com/advisories/15944

http://secunia.com/advisories/15947

http://secunia.com/advisories/15957

http://secunia.com/advisories/16001

http://secunia.com/advisories/16339

http://secunia.com/advisories/16693

http://secunia.com/advisories/17440

http://secunia.com/advisories/17674

http://secunia.com/advisories/18003

http://security.gentoo.org/glsa/glsa-200507-01.xml

http://security.gentoo.org/glsa/glsa-200507-06.xml

http://security.gentoo.org/glsa/glsa-200507-07.xml

http://securitytracker.com/id?1015336

http://sourceforge.net/project/showfiles.php?group_id=87163

http://sourceforge.net/project/shownotes.php?release_id=338803

http://www.ampache.org/announce/3_3_1_2.php

http://www.debian.org/security/2005/dsa-745

http://www.debian.org/security/2005/dsa-746

http://www.debian.org/security/2005/dsa-747

http://www.debian.org/security/2005/dsa-789

http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt

http://www.gulftech.org/?node=research&article_id=00087-07012005

http://www.hardened-php.net/advisory-022005.php

http://www.mandriva.com/security/advisories?name=MDKSA-2005:109

http://www.novell.com/linux/security/advisories/2005_18_sr.html

http://www.novell.com/linux/security/advisories/2005_41_php_pear.html

http://www.novell.com/linux/security/advisories/2005_49_php.html

http://www.redhat.com/support/errata/RHSA-2005-564.html

http://www.securityfocus.com/archive/1/419064/100/0/threaded

http://www.securityfocus.com/bid/14088

http://www.vupen.com/english/advisories/2005/2827

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350

Details

Source: MITRE

Published: 2005-07-05

Updated: 2018-10-19

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH