{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2003-04-01T00:00:00.000Z","descriptions":[{"lang":"en","value":"FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the \"lang\" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl \"eval\" statement."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-10-17T13:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20030917 Exploit: IkonBoard 3.1.1/3.1.2a arbitrary command execution","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=106381136115972&w=2"},{"name":"20030908 IkonBoard 3.1.2a arbitrary command execution","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/336598"},{"name":"20030401 IkonBoard v3.1.1: arbitrary command execution","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/317234"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2003-0770","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the \"lang\" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl \"eval\" statement."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20030917 Exploit: IkonBoard 3.1.1/3.1.2a arbitrary command execution","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=106381136115972&w=2"},{"name":"20030908 IkonBoard 3.1.2a arbitrary command execution","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/336598"},{"name":"20030401 IkonBoard v3.1.1: arbitrary command execution","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/317234"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-08T02:05:12.563Z"},"title":"CVE Program Container","references":[{"name":"20030917 Exploit: IkonBoard 3.1.1/3.1.2a arbitrary command execution","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=106381136115972&w=2"},{"name":"20030908 IkonBoard 3.1.2a arbitrary command execution","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/336598"},{"name":"20030401 IkonBoard v3.1.1: arbitrary command execution","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/317234"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2003-0770","datePublished":"2003-09-12T04:00:00.000Z","dateReserved":"2003-09-09T00:00:00.000Z","dateUpdated":"2024-08-08T02:05:12.563Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}