CVE-2005-2625

{"id": "CVE-2005-2625", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-08-19T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=112421484419768&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=112421484419768&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist."}], "lastModified": "2024-11-20T23:59:59.833", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cpaint:cpaint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F260CC28-01AB-450F-9A2B-1E3355DECE6B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}