CVE-2012-1795

webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter,...

Basic Information

CVE State: PUBLISHED
Reserved Date: March 20, 2012
Published Date: March 20, 2012
Last Updated: August 06, 2024
Vendor: Webglimpse
Product: Webglimpse
Description: webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter, as exploited in the wild in March 2012.

CVSS Scores

CVSS v2.0

7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploit Status

Exploited in the Wild: Yes (2012-03-20 18:00:00 UTC) Source

References

http://www.kb.cert.org/vuls/id/364363 http://www.securitytracker.com/id?1026825 http://osvdb.org/80344 http://secunia.com/advisories/48452

Known Exploited Vulnerability Information

Source	Added Date
CVE	2012-03-20 18:00:00 UTC

Timeline

CVE ID Reserved

March 20, 2012
CVE Published to Public

March 20, 2012
Added to KEVIntel

March 20, 2012