CVE-1999-1180

Description

O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.

Affected Software
References

Software	From	Fixed in
oreilly / website_pro	2.0	2.0.x
oreilly / website_pro	2.1	2.1.x
oreilly / website	1.1e	1.1e.x
oreilly / website_pro	-	2.4.x

http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html
http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html

Severity: Medium

CVE: CVE-1999-1180
Published: Feb 16, 1999
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CVE-1999-1180

Description

Details

CVSS v2