CVE-2005-1921
CVE-2005-1921 is a vulnerability of currently unknown severity. EPSS estimates a 79.07% chance of exploitation in the next 30 days.
Description
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Php | Xml Rpc | <= 1.3.0 |
| Gggeek | Phpxmlrpc | <= 1.1 |
| Drupal | Drupal | < 4.5.4 |
| Drupal | Drupal | >= 4.6.0, < 4.6.2 |
| Tiki | Tikiwiki Cms/Groupware | < 1.8.5 |
| Debian | Debian Linux | 3.1 |
References
- http://marc.info/?l=bugtraq&m=112008638320145&w=2 (Third Party Advisory)
- http://marc.info/?l=bugtraq&m=112015336720867&w=2 (Third Party Advisory)
- http://marc.info/?l=bugtraq&m=112605112027335&w=2 (Third Party Advisory)
- http://pear.php.net/package/XML_RPC/download/1.3.1 (Patch, Product)
- http://secunia.com/advisories/15810 (Broken Link)
- http://secunia.com/advisories/15852 (Broken Link)
- http://secunia.com/advisories/15855 (Broken Link)
- http://secunia.com/advisories/15861 (Broken Link)
- http://secunia.com/advisories/15872 (Broken Link)
- http://secunia.com/advisories/15883 (Broken Link)
- http://secunia.com/advisories/15884 (Broken Link)
- http://secunia.com/advisories/15895 (Broken Link)
- http://secunia.com/advisories/15903 (Broken Link)
- http://secunia.com/advisories/15904 (Broken Link)
- http://secunia.com/advisories/15916 (Broken Link)
- http://secunia.com/advisories/15917 (Broken Link)
- http://secunia.com/advisories/15922 (Broken Link)
- http://secunia.com/advisories/15944 (Broken Link)
- http://secunia.com/advisories/15947 (Broken Link)
- http://secunia.com/advisories/15957 (Broken Link)
- http://secunia.com/advisories/16001 (Broken Link)
- http://secunia.com/advisories/16339 (Broken Link)
- http://secunia.com/advisories/16693 (Broken Link)
- http://secunia.com/advisories/17440 (Broken Link)
- http://secunia.com/advisories/17674 (Broken Link)
- http://secunia.com/advisories/18003 (Broken Link)
- http://security.gentoo.org/glsa/glsa-200507-01.xml (Third Party Advisory)
- http://security.gentoo.org/glsa/glsa-200507-06.xml (Third Party Advisory)
- http://security.gentoo.org/glsa/glsa-200507-07.xml (Third Party Advisory)
- http://securitytracker.com/id?1015336 (Broken Link, Third Party Advisory, VDB Entry)
- http://www.ampache.org/announce/3_3_1_2.php (Broken Link)
- http://www.debian.org/security/2005/dsa-745 (Mailing List, Third Party Advisory)
- http://www.debian.org/security/2005/dsa-746 (Mailing List, Third Party Advisory)
- http://www.debian.org/security/2005/dsa-747 (Mailing List, Third Party Advisory)
- http://www.debian.org/security/2005/dsa-789 (Mailing List, Third Party Advisory)
- http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt (Third Party Advisory)
- http://www.gulftech.org/?node=research&article_id=00087-07012005 (Not Applicable, Vendor Advisory)
- http://www.hardened-php.net/advisory-022005.php (Not Applicable)
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:109 (Patch, Third Party Advisory, Vendor Advisory)
- http://www.securityfocus.com/archive/1/419064/100/0/threaded (Broken Link, Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/14088 (Broken Link, Third Party Advisory, VDB Entry)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
