CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2353

encoder.php in eAccelerator allows remote attackers to execute arbitrary code by copying a local executable file to a location under the web root via the -o option, and then making a direct request to this file, related to upload of image files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 77.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.mandriva.com/security/advisories?name=MDVSA-2009:188
http://www.securityfocus.com/archive/1/504695/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2009:188
http://www.securityfocus.com/archive/1/504695/100/0/threaded

Products affected by CVE-2009-2353

Eaccelerator » Eaccelerator » Version: 0.9.4

cpe:2.3:a:eaccelerator:eaccelerator:0.9.4
Eaccelerator » Eaccelerator » Version: 0.9.5

cpe:2.3:a:eaccelerator:eaccelerator:0.9.5
Eaccelerator » Eaccelerator » Version: 0.9.5.1

cpe:2.3:a:eaccelerator:eaccelerator:0.9.5.1
Eaccelerator » Eaccelerator » Version: 0.9.5.2

cpe:2.3:a:eaccelerator:eaccelerator:0.9.5.2
Eaccelerator » Eaccelerator » Version: 0.9.5.3

cpe:2.3:a:eaccelerator:eaccelerator:0.9.5.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2353

Products

Pricing

Contact Us