Vulnerability Description
The dispallclosed2 function in dispallclosed.pl for multiple USANet Creations products, including (1) USANet Shopping Mall Software, (2) Domain Name Auction Software, (3) Standard Classified Ads Software, and (4) MakeBid Reverse Auction allows remote attackers to execute arbitrary code via shell metacharacters in the DISPCLOSED parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Usanet Creations | Domain Name Auction | All versions |
| Usanet Creations | Makebid Auction Deluxe | All versions |
| Usanet Creations | Makebid Auction Standard | All versions |
| Usanet Creations | Makebid Reverse Auction | All versions |
| Usanet Creations | Standard Classified Ads | All versions |
| Usanet Creations | Usanet Shopping Mall | All versions |
References
- http://secunia.com/advisories/15985
- http://securitytracker.com/id?1014411Vendor Advisory
- http://www.securityfocus.com/bid/14179
- http://secunia.com/advisories/15985
- http://securitytracker.com/id?1014411Vendor Advisory
- http://www.securityfocus.com/bid/14179
FAQ
What is CVE-2005-2259?
CVE-2005-2259 is a vulnerability with a CVSS score of 10.0 (HIGH). The dispallclosed2 function in dispallclosed.pl for multiple USANet Creations products, including (1) USANet Shopping Mall Software, (2) Domain Name Auction Software, (3) Standard Classified Ads Softw...
How severe is CVE-2005-2259?
CVE-2005-2259 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2259?
Check the references section above for vendor advisories and patch information. Affected products include: Usanet Creations Domain Name Auction, Usanet Creations Makebid Auction Deluxe, Usanet Creations Makebid Auction Standard, Usanet Creations Makebid Reverse Auction, Usanet Creations Standard Classified Ads.