Short Name |
HTTP:PHP:CEDRIC-EMAIL-PHPINC1 |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Cedric Email Reader Remote PHP Code Inclusion (1) |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Cedric Email Reader. Cedric Email Reader versions 0.2, 0.3, and 0.4 are vulnerable. Attackers can exploit the email.php script to execute arbitrary code with the PHP script user privilege of the HTTP daemon.
Remote attackers could execute arbitrary code using the privileges of the logged in user.