Signature Detail
Short Name |
HTTP:PHP:CEDRIC-EMAIL-PHPINC2 |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
cedric email php http include |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Cedric Email Reader Remote PHP Code Inclusion (2)
This signature detects attempts to exploit a known vulnerability in Cedric Email Reader. Cedric Email Reader versions 0.2, 0.3, and 0.4 are vulnerable. Attackers can exploit the emailreader_execute_on_each_page.inc.php script to execute arbitrary code with the PHP script user privilege of the HTTP daemon.
Extended Description
Remote attackers could execute arbitrary code using the privileges of the logged in user.
References