Vulnerability Description
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phprpc | Phprpc | 0.7 |
References
- http://secunia.com/advisories/19028
- http://secunia.com/advisories/19058
- http://securityreason.com/securityalert/502
- http://securitytracker.com/id?1015691
- http://www.gulftech.org/?node=research&article_id=00105-02262006Vendor Advisory
- http://www.securityfocus.com/archive/1/426193Vendor Advisory
- http://www.securityfocus.com/bid/16833
- http://www.vupen.com/english/advisories/2006/0745
- http://secunia.com/advisories/19028
- http://secunia.com/advisories/19058
- http://securityreason.com/securityalert/502
- http://securitytracker.com/id?1015691
- http://www.gulftech.org/?node=research&article_id=00105-02262006Vendor Advisory
- http://www.securityfocus.com/archive/1/426193Vendor Advisory
- http://www.securityfocus.com/bid/16833
FAQ
What is CVE-2006-1032?
CVE-2006-1032 is a vulnerability with a CVSS score of 7.5 (HIGH). Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary ...
How severe is CVE-2006-1032?
CVE-2006-1032 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1032?
Check the references section above for vendor advisories and patch information. Affected products include: Phprpc Phprpc.