Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

1 vulnerability found for Homepage Builder by IBM Corporation

JVNDB-2007-000395

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

Severity ?

N/A (UNKNOWN) - -

Summary

Homepage Builder sample CGI programs vulnerable to OS command injection

Details

Some of the CGI sample programs included in Homepage Builder provided by IBM Japan contains a vulnerability which may allow an attacker to inject an arbitrary OS command. According to the vendor, it is confirmed that vulnerable CGI sample programs are not included in the demo versions of each product.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN81294906/index.html
	JPCERT-WR	http://www.jpcert.or.jp/wr/2007/wr071901.txt

Impacted products

Vendor

Product

IBM Corporation

Homepage Builder

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000395.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Some of the CGI sample programs included in Homepage Builder provided by IBM Japan contains a vulnerability which may allow an attacker to inject an arbitrary OS command.\r\n\r\nAccording to the vendor, it is confirmed that vulnerable CGI sample programs are not included in the demo versions of each product.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000395.html",
  "sec:cpe": {
    "#text": "cpe:/a:ibm:homepage_builder",
    "@product": "Homepage Builder",
    "@vendor": "IBM Corporation",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "5.1",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000395",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN81294906/index.html",
      "@id": "JVN#81294906",
      "@source": "JVN"
    },
    {
      "#text": "http://www.jpcert.or.jp/wr/2007/wr071901.txt",
      "@id": "JPCERT-WR-2007-1901",
      "@source": "JPCERT-WR"
    }
  ],
  "title": "Homepage Builder sample CGI programs vulnerable to OS command injection"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability found for Homepage Builder by IBM Corporation

JVNDB-2007-000395

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.