CVE-2005-2498 (retired)

Priority
Description
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC
for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew,
(3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute
arbitrary PHP code via certain nested XML tags in a PHP document that
should not be nested, which are injected into an eval function call, a
different vulnerability than CVE-2005-1921.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: php4 (LP Ubuntu Debian)
Upstream:needs-triage
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-08-23 08:06:03 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)