[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-5906

Date: (C)2009-01-15   (M)2017-08-08
 
CVSS Score: 6.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

Reference:
BID-31927
SECUNIA-32442
SECUNIA-32447
SECUNIA-33675
SECUNIA-34003
ADV-2008-2911
GLSA-200902-05
USN-711-1
http://openwall.com/lists/oss-security/2009/01/08/1
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178
http://ktorrent.org/?q=node/23
https://bugs.gentoo.org/show_bug.cgi?id=244741
ktorrent-webinterface-code-execution(46118)

CWE    1
CWE-20
OVAL    1
oval:org.secpod.oval:def:700436

© 2013 SecPod Technologies