Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-1865 | First vendor Publication | 2006-04-21 |
Vendor | Cve | Last vendor Modification | 2024-02-13 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1865 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
CAPEC-88 | OS Command Injection |
CAPEC-133 | Try All Common Application Switches and Options |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-88 | Argument Injection or Modification |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
24938 | Beagle External Helper Commandline Argument Injection Beagle contains a flaw that may allow a malicious user to pass argbitrary arguments to helper applications. The issue is triggered when Beagle, during its indexing process, launches helper applications. It is possible that the flaw may allow arbitrary code exection, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-04-26 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-440.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-13 21:27:57 |
|
2021-05-04 12:03:56 |
|
2021-04-22 01:04:29 |
|
2020-05-23 00:17:41 |
|
2017-07-20 09:23:31 |
|
2016-06-28 15:43:56 |
|
2016-04-26 14:31:25 |
|
2014-02-17 10:35:31 |
|
2013-05-11 10:54:44 |
|