9
CVE-2011-0018
- EPSS 9.27%
- Veröffentlicht 28.01.2011 16:00:02
- Zuletzt bearbeitet 16.06.2026 23:26:37
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Openvas ≫ Openvas Manager Version1.0.0
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta1
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta2
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta3
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta4
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta5
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta6
Openvas ≫ Openvas Manager Version1.0.0 Updatebeta7
Openvas ≫ Openvas Manager Version1.0.0 Updaterc1
Openvas ≫ Openvas Manager Version1.0.1
Openvas ≫ Openvas Manager Version1.0.2
Openvas ≫ Openvas Manager Version1.0.3
Openvas ≫ Openvas Manager Version2.0 Updatebeta1
Openvas ≫ Openvas Manager Version2.0 Updatebeta2
Openvas ≫ Openvas Manager Version2.0 Updatebeta3
Openvas ≫ Openvas Manager Version2.0 Updaterc1
Openvas ≫ Openvas Manager Version2.0 Updaterc2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.27% | 0.947 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://osvdb.org/70639
http://secunia.com/advisories/43037
http://www.exploit-db.com/exploits/16086
http://www.openvas.org/OVSA20110118.html
http://www.securityfocus.com/archive/1/515971/100/0/threaded
http://www.securityfocus.com/bid/45987
http://www.vupen.com/english/advisories/2011/0208
https://exchange.xforce.ibmcloud.com/vulnerabilities/65011