CVE-2006-5258 — MEDIUM (5.1)

Q: How severe is CVE-2006-5258?

CVE-2006-5258 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-5258?

Check the references section above for vendor advisories and patch information. Affected products include: Asbru Software Asbru Web Content Management, Asbru Software Asbru Website Manager.

Vulnerability Description

The spell checking component of (1) Asbru Web Content Management before 6.1.22, (2) Asbru Web Content Editor before 6.0.22, and (3) Asbru Website Manager before 6.0.22 allows remote attackers to execute arbitrary commands via an unspecified parameter that is not sanitized before Aspell is invoked.

CVSS Score

5.1

MEDIUM

AV:N/AC:H/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Asbru Software	Asbru Web Content Management	<= 6.1.20
Asbru Software	Asbru Website Manager	6.0.20

Related Weaknesses (CWE)

CWE-94

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0306.html
http://editor.asbrusoft.com/page.php/id=727
http://secunia.com/advisories/22344PatchVendor Advisory
http://secunia.com/advisories/22353
http://secunia.com/advisories/22472Vendor Advisory
http://wcm.asbrusoft.com/page.php/id=791Patch
http://www.securityfocus.com/bid/20544
http://www.vupen.com/english/advisories/2006/4004Vendor Advisory
http://www.vupen.com/english/advisories/2006/4060Vendor Advisory
http://www.vupen.com/english/advisories/2006/4061Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0306.html
http://editor.asbrusoft.com/page.php/id=727
http://secunia.com/advisories/22344PatchVendor Advisory
http://secunia.com/advisories/22353
http://secunia.com/advisories/22472Vendor Advisory

FAQ

What is CVE-2006-5258?

CVE-2006-5258 is a vulnerability with a CVSS score of 5.1 (MEDIUM). The spell checking component of (1) Asbru Web Content Management before 6.1.22, (2) Asbru Web Content Editor before 6.0.22, and (3) Asbru Website Manager before 6.0.22 allows remote attackers to execu...

How severe is CVE-2006-5258?

CVE-2006-5258 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-5258?

Check the references section above for vendor advisories and patch information. Affected products include: Asbru Software Asbru Web Content Management, Asbru Software Asbru Website Manager.