CVE-2005-2259
Published Jul 13, 2005
Last updated 16 years ago
Overview
- Description
- The dispallclosed2 function in dispallclosed.pl for multiple USANet Creations products, including (1) USANet Shopping Mall Software, (2) Domain Name Auction Software, (3) Standard Classified Ads Software, and (4) MakeBid Reverse Auction allows remote attackers to execute arbitrary code via shell metacharacters in the DISPCLOSED parameter.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:usanet_creations:domain_name_auction:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6D77AED-73EF-4375-B1C0-E80502B86563"
},
{
"criteria": "cpe:2.3:a:usanet_creations:makebid_auction_deluxe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A720DA2C-10D8-467A-B375-665CFFC4198F"
},
{
"criteria": "cpe:2.3:a:usanet_creations:makebid_auction_deluxe:3.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9AE346F-60CA-4B6F-A627-423FBF555460"
},
{
"criteria": "cpe:2.3:a:usanet_creations:makebid_auction_standard:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39B040E0-C50A-419F-9DB4-E1D9467EEAC2"
},
{
"criteria": "cpe:2.3:a:usanet_creations:makebid_reverse_auction:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55B80B42-B16A-4DDF-B871-B687B1F26CCE"
},
{
"criteria": "cpe:2.3:a:usanet_creations:standard_classified_ads:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18BAEB16-830A-4E2C-B4E3-F27F3BFA66C4"
},
{
"criteria": "cpe:2.3:a:usanet_creations:usanet_shopping_mall:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8002F5A8-7CAC-4BEA-AFE4-0E4A2E786068"
}
],
"operator": "OR"
}
]
}
]