Vulnerability Description
Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), with magic_quotes_gpc disabled, allows remote attackers to read arbitrary files and possibly cause a denial of service via a query string that ends with a NULL character.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mambo | Mambo Open Source 4.5 | 1.0.0 |
References
- http://securitytracker.com/alerts/2005/Nov/1015176.html
- http://www.procheckup.com/Vulner_PR0511.php
- http://securitytracker.com/alerts/2005/Nov/1015176.html
- http://www.procheckup.com/Vulner_PR0511.php
FAQ
What is CVE-2005-4156?
CVE-2005-4156 is a vulnerability with a CVSS score of 9.4 (HIGH). Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), with magic_quotes_gpc disabled, allows remote attackers to read arbitrary files and possibly cause a denial of service via a query s...
How severe is CVE-2005-4156?
CVE-2005-4156 has been rated HIGH with a CVSS base score of 9.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4156?
Check the references section above for vendor advisories and patch information. Affected products include: Mambo Mambo Open Source 4.5.