Family Connections 'argv[1]' Parameter Remote Arbitrary Command Execution Vulnerability Network Vulnerability

Summary

Family Connections is prone to a remote arbitrary command- execution vulnerability because it fails to properly validate user-supplied input. An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application.

Solution

Vendor updates are available. Please see the references for more information.

References

http://sourceforge.net/apps/trac/fam-connections/ticket/407
http://www.haudenschilt.com/fcms/index.html
http://www.securityfocus.com/bid/50897

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
AlienForm CGI script

Take action and discover your vulnerabilities