Vulnerability Description
Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Y.Sak | Y.Sak | All versions |
References
- http://securitytracker.com/id?1014502
- http://www.securityfocus.com/bid/14299
- http://securitytracker.com/id?1014502
- http://www.securityfocus.com/bid/14299
FAQ
What is CVE-2005-2334?
CVE-2005-2334 is a vulnerability with a CVSS score of 10.0 (HIGH). Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.
How severe is CVE-2005-2334?
CVE-2005-2334 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2334?
Check the references section above for vendor advisories and patch information. Affected products include: Y.Sak Y.Sak.