CVE

Id
60179  
CVE No.
CVE-2013-0232  
Status
Candidate  
Description
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function.  
Phase
Assigned (20121206)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
607413 60179 CVE-2013-0232 EXPLOIT-DB:24310  View
607414 60179 CVE-2013-0232 URL:http://www.exploit-db.com/exploits/24310  View
607415 60179 CVE-2013-0232 MLIST:[oss-security] 20130128 Re: CVE Request: zoneminder: arbitrary command execution vulnerability  View
607416 60179 CVE-2013-0232 URL:http://www.openwall.com/lists/oss-security/2013/01/28/2  View
607417 60179 CVE-2013-0232 MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910  View
607418 60179 CVE-2013-0232 MISC:http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/  View
607419 60179 CVE-2013-0232 MISC:http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771  View
607420 60179 CVE-2013-0232 DEBIAN:DSA-2640  View
607421 60179 CVE-2013-0232 URL:http://www.debian.org/security/2013/dsa-2640  View
607422 60179 CVE-2013-0232 OSVDB:89529  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
21663 JVNDB-2013-003238 WordPress などの製品で使用される Moxiecode Plupload におけるクロスサイトスクリプティングの脆弱性 WordPress などの製品で使用される Moxiecode Plupload の Plupload.as には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2013-0237 60179 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003238.html  View