Vulnerability Details CVE-2006-0044
Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the "handling of submitted form fields".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/18457
- http://secunia.com/advisories/18496
- http://security.debian.org/pool/updates/main/a/albatross/albatross_1.20-2.diff.gz
- http://www.debian.org/security/2006/dsa-942
- http://www.object-craft.com.au/projects/albatross/news.html
- http://www.osvdb.org/22451
- http://www.securityfocus.com/bid/16252
- http://www.vupen.com/english/advisories/2006/0196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24130
- http://secunia.com/advisories/18457
- http://secunia.com/advisories/18496
- http://security.debian.org/pool/updates/main/a/albatross/albatross_1.20-2.diff.gz
- http://www.debian.org/security/2006/dsa-942
- http://www.object-craft.com.au/projects/albatross/news.html
- http://www.osvdb.org/22451
- http://www.securityfocus.com/bid/16252
- http://www.vupen.com/english/advisories/2006/0196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24130
Products affected by CVE-2006-0044
-
cpe:2.3:a:albatross:albatross:1.00
-
cpe:2.3:a:albatross:albatross:1.01
-
cpe:2.3:a:albatross:albatross:1.10
-
cpe:2.3:a:albatross:albatross:1.20
-
cpe:2.3:a:albatross:albatross:1.30
-
cpe:2.3:a:albatross:albatross:1.32