CVE-2005-2498

Table of Contents

Impact:
Important
Public Date:
2005-08-14
Bugzilla:
1617729: CVE-2005-2498 security flaw

The MITRE CVE dictionary describes this issue as:

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.

Find out more about CVE-2005-2498 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (php) RHSA-2005:748 2005-08-19
Red Hat Enterprise Linux 4 (php) RHSA-2005:748 2005-08-19
Last Modified

CVE description copyright © 2017, The MITRE Corporation