PublicDate: 2005-07-05 04:00:00 UTC
Candidate: CVE-2005-1921
References:
 https://ubuntu.com/security/notices/USN-147-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1921
Description:
 Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC
 or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and
 earlier, as used in products such as (1) WordPress, (2) Serendipity, (3)
 Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8)
 Ampache, and others, allows remote attackers to execute arbitrary PHP code
 via an XML file, which is not properly sanitized before being used in an
 eval statement.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_php4: not-affected
edgy_php4: not-affected
feisty_php4: DNE
devel_php4: DNE
dapper_php5: released (5.1.2-1ubuntu3.9)
edgy_php5: released (5.1.6-1ubuntu2.6)
feisty_php5: released (5.2.1-0ubuntu1.4)
devel_php5: released (5.2.3-1ubuntu5)
dapper_egroupware: released (1.0.0.009.dfsg-3-4)
edgy_egroupware: released (1.0.0.009.dfsg-3-4)
feisty_egroupware: released (1.0.0.009.dfsg-3-4)
devel_egroupware: released (1.0.0.009.dfsg-3-4)
dapper_phpwiki: not-affected
edgy_phpwiki: not-affected
feisty_phpwiki: not-affected
devel_phpwiki: not-affected
upstream_egroupware: needs-triage
upstream_php4: needs-triage
upstream_php5: needs-triage
upstream_phpwiki: needs-triage