{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2005-1921","title":"Title"},{"category":"description","text":"Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2005-1921","url":"https://www.suse.com/security/cve/CVE-2005-1921"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 94579 for CVE-2005-1921","url":"https://bugzilla.suse.com/94579"},{"category":"external","summary":"Advisory link for SUSE-SA:2005:041","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KPBFBFRFLONRI6QYZN3R3G4D6LDJCLKG/#KPBFBFRFLONRI6QYZN3R3G4D6LDJCLKG"},{"category":"external","summary":"Advisory link for SUSE-SA:2005:051","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SYCF5SGLMEYS464XNB4XWFFNLGTIM6GU/#SYCF5SGLMEYS464XNB4XWFFNLGTIM6GU"},{"category":"external","summary":"Advisory link for SUSE-SR:2005:018","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PYXHDPYYUNOTQCQD3V5Z7X4BPSKQDXF5/#PYXHDPYYUNOTQCQD3V5Z7X4BPSKQDXF5"}],"title":"SUSE CVE CVE-2005-1921","tracking":{"current_release_date":"2023-12-09T03:43:41Z","generator":{"date":"2023-02-15T06:18:09Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2005-1921","initial_release_date":"2023-02-15T06:18:09Z","revision_history":[{"date":"2023-02-15T06:18:09Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:22:06Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:43:41Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}