7.5

CVE-2006-0868

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PearXml Rpc Version1.0.2
PearXml Rpc Version1.0.3
PearXml Rpc Version1.0.4
PearXml Rpc Version1.1.0
PearXml Rpc Version1.2.0
PearXml Rpc Version1.2.0rc1
PearXml Rpc Version1.2.0rc2
PearXml Rpc Version1.2.0rc3
PearXml Rpc Version1.2.0rc4
PearXml Rpc Version1.2.0rc5
PearXml Rpc Version1.2.0rc6
PearXml Rpc Version1.2.0rc7
PearXml Rpc Version1.2.1
PearXml Rpc Version1.2.2
PearXml Rpc Version1.3.0rc1
PearXml Rpc Version1.3.0rc2
PearXml Rpc Version1.3.0rc3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.45% 0.823
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://pear.php.net/package/Auth/download/1.2.4
Patch
http://pear.php.net/package/Auth/download/1.3.0r4
Patch
http://secunia.com/advisories/19008
http://secunia.com/advisories/19301
http://securitytracker.com/id?1015666
http://www.gentoo.org/security/en/glsa/glsa-200603-13.xml
http://www.securityfocus.com/archive/1/425796/100/0/threaded
http://www.securityfocus.com/bid/16758
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/0696
https://exchange.xforce.ibmcloud.com/vulnerabilities/24854