|
|
CVE Reference: CVE-2005-3539 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-3539 |
|
|
Description: Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA18366 Secunia Advisory: SA18489 Secunia Advisory: SA18314 Secunia Advisory: SA18337 MISC http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=719 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:015 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200601-03.xml DEBIAN http://www.debian.org/security/2005/dsa-933 CONFIRM http://www.hylafax.org/content/HylaFAX_4.2.4_release BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/420974/100/0/threaded BID 16151 |
|
| Return to the previous page. |
