Lucene search
HistoryMar 18, 2004 - 5:00 a.m.
CVE-2004-0324
cve
2004
0324
remote code execution
email headers
security vulnerability
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.5%
Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header that contains shell metacharacters such as ", `, |, ;, or $.
Affected configurations
Node
confirmconfirmMatch0.50
ORconfirmconfirmMatch0.51
ORconfirmconfirmMatch0.52
ORconfirmconfirmMatch0.53
ORconfirmconfirmMatch0.54
ORconfirmconfirmMatch0.55
ORconfirmconfirmMatch0.60
ORconfirmconfirmMatch0.61
ORconfirmconfirmMatch0.62
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.5%
Related for CVE-2004-0324