Vulnerability Details : CVE-2005-0130
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts.
Exploit prediction scoring system (EPSS) score for CVE-2005-0130
Probability of exploitation activity in the next 30 days: 1.33%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-0130
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-0130
- http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml
- http://www.kde.org/info/security/advisory-20050121-1.txt
- http://marc.info/?l=bugtraq&m=110626383310742&w=2
- http://www.securityfocus.com/bid/12312
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html
- http://securitytracker.com/id?1012972
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/19008
Products affected by CVE-2005-0130
- cpe:2.3:a:berlios:konversation:0.15:*:*:*:*:*:*:*