CVE-2005-2334

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0280%

EPSS Percentile33.28th

PublishedJul 20, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.

Affected Platforms (CPE)

📦

Y.sak

All versions

References & Advisories

🔗 http://securitytracker.com/id?1014502

🔗 http://www.securityfocus.com/bid/14299

🔗 http://securitytracker.com/id?1014502

🔗 http://www.securityfocus.com/bid/14299

Related Vulnerabilities

CVE-2015-32045.0

libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unas...

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...

CVE-2005-103710.0

Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.