CVE-2005-1527

Name: CVE-2005-1527
Creator: NVD / NIST
Published: 2005-08-15T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.67%

Last modified Jun 16, 2026

CVE-2005-1527 is a vulnerability of currently unknown severity. Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.. EPSS estimates a 2.67% chance of exploitation in the next 30 days.

Description

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.

Metrics

EPSS Probability

2.67%

83.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-94

Affected Software

Vendor	Product	Versions
Awstats	Awstats	<= 6.4
Canonical	Ubuntu Linux	5.04
Debian	Debian Linux	3.0
Debian	Debian Linux	3.1

References

http://secunia.com/advisories/16412Broken Link, Patch, Vendor Advisory
http://secunia.com/advisories/17463Broken Link
http://securitytracker.com/id?1014636Broken Link, Patch, Third Party Advisory, VDB Entry
http://www.debian.org/security/2005/dsa-892Mailing List, Third Party Advisory
http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities&flashstatus=falseBroken Link
http://www.novell.com/linux/security/advisories/2005_19_sr.htmlBroken Link
http://www.osvdb.org/18696Broken Link, Patch
http://www.securiteam.com/unixfocus/5DP0J00GKE.htmlBroken Link, Vendor Advisory
http://www.securityfocus.com/bid/14525Broken Link, Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/21769Third Party Advisory, VDB Entry
https://usn.ubuntu.com/167-1/Broken Link
http://secunia.com/advisories/16412Broken Link, Patch, Vendor Advisory
http://secunia.com/advisories/17463Broken Link
http://securitytracker.com/id?1014636Broken Link, Patch, Third Party Advisory, VDB Entry
http://www.debian.org/security/2005/dsa-892Mailing List, Third Party Advisory
http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities&flashstatus=falseBroken Link
http://www.novell.com/linux/security/advisories/2005_19_sr.htmlBroken Link
http://www.osvdb.org/18696Broken Link, Patch
http://www.securiteam.com/unixfocus/5DP0J00GKE.htmlBroken Link, Vendor Advisory
http://www.securityfocus.com/bid/14525Broken Link, Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/21769Third Party Advisory, VDB Entry
https://usn.ubuntu.com/167-1/Broken Link

Timeline

Published: Aug 15, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-1527?

How severe is CVE-2005-1527?

Severity scoring for CVE-2005-1527 is pending analysis. The EPSS model estimates a 2.67% probability of exploitation in the next 30 days.

How do I fix CVE-2005-1527?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-1527?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST