Lucene search

[email protected]CVE-2006-1599

HistoryApr 03, 2006 - 5:04 p.m.

CVE-2006-1599

2006-04-0317:04:00

[email protected]

web.nvd.nist.gov

cve-2006-1599

vcengine.php

v-creator

vulnerability

openssl

remote attackers

arbitrary commands

encrypt

decrypt

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3, when the VC_CRYPTO_METHOD option is OPENSSL, allows remote attackers to execute arbitrary commands, possibly due to problems in the (1) encrypt and (2) decrypt functions.

Affected configurations

NVD

Node

v-creator.comv-creatorMatch1.3_pre2

CPENameOperatorVersion
v-creator.com:v-creatorv-creator.com v-creatoreq1.3_pre2

CPE	Name	Operator	Version
v-creator.com:v-creator	v-creator.com v-creator	eq	1.3_pre2

References

secunia.com/advisories/19453

sourceforge.net/forum/forum.php?forum_id=557129

www.osvdb.org/24304

www.securityfocus.com/bid/17328

www.vupen.com/english/advisories/2006/1189

exchange.xforce.ibmcloud.com/vulnerabilities/25560

sourceforge.net/p/vcreator/news/2006/03/v-creator-v13-pre3-released/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2006-1599

cvelist1 nvd1 prion1