[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-5258Date: (C)2006-10-12   (M)2023-12-22


The spell checking component of (1) Asbru Web Content Management before 6.1.22, (2) Asbru Web Content Editor before 6.0.22, and (3) Asbru Website Manager before 6.0.22 allows remote attackers to execute arbitrary commands via an unspecified parameter that is not sanitized before Aspell is invoked.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0306.html
BID-20544
SECUNIA-22344
SECUNIA-22353
SECUNIA-22472
ADV-2006-4004
ADV-2006-4060
ADV-2006-4061
http://editor.asbrusoft.com/page.php/id=727
http://wcm.asbrusoft.com/page.php/id=791

CWE    1
CWE-94

© SecPod Technologies