Vulnerability Details CVE-2006-0868
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://pear.php.net/package/Auth/download/1.2.4
- http://pear.php.net/package/Auth/download/1.3.0r4
- http://secunia.com/advisories/19008
- http://secunia.com/advisories/19301
- http://securitytracker.com/id?1015666
- http://www.gentoo.org/security/en/glsa/glsa-200603-13.xml
- http://www.securityfocus.com/archive/1/425796/100/0/threaded
- http://www.securityfocus.com/bid/16758
- http://www.vupen.com/english/advisories/2006/0696
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24854
- http://pear.php.net/package/Auth/download/1.2.4
- http://pear.php.net/package/Auth/download/1.3.0r4
- http://secunia.com/advisories/19008
- http://secunia.com/advisories/19301
- http://securitytracker.com/id?1015666
- http://www.gentoo.org/security/en/glsa/glsa-200603-13.xml
- http://www.securityfocus.com/archive/1/425796/100/0/threaded
- http://www.securityfocus.com/bid/16758
- http://www.vupen.com/english/advisories/2006/0696
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24854
Products affected by CVE-2006-0868
-
cpe:2.3:a:pear:xml_rpc:1.0.2
-
cpe:2.3:a:pear:xml_rpc:1.0.3
-
cpe:2.3:a:pear:xml_rpc:1.0.4
-
cpe:2.3:a:pear:xml_rpc:1.1.0
-
cpe:2.3:a:pear:xml_rpc:1.2.0
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc1
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc2
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc3
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc4
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc5
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc6
-
cpe:2.3:a:pear:xml_rpc:1.2.0rc7
-
cpe:2.3:a:pear:xml_rpc:1.2.1
-
cpe:2.3:a:pear:xml_rpc:1.2.2
-
cpe:2.3:a:pear:xml_rpc:1.3.0rc1
-
cpe:2.3:a:pear:xml_rpc:1.3.0rc2
-
cpe:2.3:a:pear:xml_rpc:1.3.0rc3