CVE-2005-1941

SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:silvercity_project:silvercity:*:*:*:*:*:*:*:*

History

25 Jan 2024, 21:09

Type Values Removed Values Added
First Time Silvercity Project silvercity
Silvercity Project
CVSS v2 : 3.7
v3 : unknown
v2 : 3.7
v3 : 7.8
CPE cpe:2.3:a:silvercity:silvercity:0.9.5_r1:*:*:*:*:*:*:* cpe:2.3:a:silvercity_project:silvercity:*:*:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-276
References (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200506-05.xml - Patch, Vendor Advisory (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200506-05.xml - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/15632 - (SECUNIA) http://secunia.com/advisories/15632 - Broken Link
References (SECTRACK) http://securitytracker.com/id?1014153 - (SECTRACK) http://securitytracker.com/id?1014153 - Broken Link, Third Party Advisory, VDB Entry
References (MISC) http://bugs.gentoo.org/show_bug.cgi?id=93558 - Patch, Vendor Advisory (MISC) http://bugs.gentoo.org/show_bug.cgi?id=93558 - Issue Tracking

Information

Published : 2005-06-08 04:00

Updated : 2024-02-28 10:42


NVD link : CVE-2005-1941

Mitre link : CVE-2005-1941

CVE.ORG link : CVE-2005-1941


JSON object : View

Products Affected

silvercity_project

  • silvercity
CWE
CWE-276

Incorrect Default Permissions