Search criteria
1 vulnerability found for Homepage Builder by IBM Corporation
JVNDB-2007-000395
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Homepage Builder sample CGI programs vulnerable to OS command injection
Details
Some of the CGI sample programs included in Homepage Builder provided by IBM Japan contains a vulnerability which may allow an attacker to inject an arbitrary OS command.
According to the vendor, it is confirmed that vulnerable CGI sample programs are not included in the demo versions of each product.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000395.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Some of the CGI sample programs included in Homepage Builder provided by IBM Japan contains a vulnerability which may allow an attacker to inject an arbitrary OS command.\r\n\r\nAccording to the vendor, it is confirmed that vulnerable CGI sample programs are not included in the demo versions of each product.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000395.html",
"sec:cpe": {
"#text": "cpe:/a:ibm:homepage_builder",
"@product": "Homepage Builder",
"@vendor": "IBM Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000395",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN81294906/index.html",
"@id": "JVN#81294906",
"@source": "JVN"
},
{
"#text": "http://www.jpcert.or.jp/wr/2007/wr071901.txt",
"@id": "JPCERT-WR-2007-1901",
"@source": "JPCERT-WR"
}
],
"title": "Homepage Builder sample CGI programs vulnerable to OS command injection"
}