mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
88 lines
2.5 KiB
JSON
88 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2005-3823",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20051125 SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM ",
|
|
"refsource" : "FULLDISC",
|
|
"url" : "http://marc.info/?l=full-disclosure&m=113290708121951&w=2"
|
|
},
|
|
{
|
|
"name" : "20051125 SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM ",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://www.securityfocus.com/archive/1/417711/30/0/threaded"
|
|
},
|
|
{
|
|
"name" : "15569",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/15569"
|
|
},
|
|
{
|
|
"name" : "ADV-2005-2569",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2005/2569"
|
|
},
|
|
{
|
|
"name" : "1015274",
|
|
"refsource" : "SECTRACK",
|
|
"url" : "http://securitytracker.com/id?1015274"
|
|
},
|
|
{
|
|
"name" : "17693",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/17693"
|
|
}
|
|
]
|
|
}
|
|
}
|