CVE

Id
67050  
CVE No.
CVE-2013-7103  
Status
Candidate  
Description
McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the value attribute in a (1) TestFile XML element or the (2) hostname. NOTE: this issue can be combined with CVE-2013-7092 to allow remote attackers to execute commands.  
Phase
Assigned (20131214)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
648088 67050 CVE-2013-7103 FULLDISC:20131203 McAfee Email Gateway multiple vulns  View
648089 67050 CVE-2013-7103 URL:http://seclists.org/fulldisclosure/2013/Dec/18  View
648090 67050 CVE-2013-7103 MISC:http://packetstormsecurity.com/files/124277/McAfee-Email-Gateway-7.6-Command-Execution-SQL-Injection.html  View
648091 67050 CVE-2013-7103 BID:64150  View
648092 67050 CVE-2013-7103 URL:http://www.securityfocus.com/bid/64150  View
648093 67050 CVE-2013-7103 OSVDB:100581  View
648094 67050 CVE-2013-7103 URL:http://osvdb.org/100581  View
648095 67050 CVE-2013-7103 XF:mcafee-gateway-cve20137103-command-exec(90162)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
24272 JVNDB-2013-005847 Nagios Core および Icinga におけるプロセスメモリから重要な情報を取得される脆弱性 Nagios Core および Icinga には、一つずれエラー (Off-by-One error) により、プロセスメモリから重要な情報を取得される、またはサービス運用妨害 (クラッシュ) 状態にされる脆弱性が存在します。 CVE-2013-7108 67050 5.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005847.html  View