CVE-2012-5932
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
24/12/2012
Last modified:
11/04/2025
Description
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microfocus:privileged_user_manager:2.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:privileged_user_manager:2.3.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://download.novell.com/Download?buildid=K6-PmbPjduA~
- http://retrogod.altervista.org/9sg_novell_netiq_ii.htm
- http://retrogod.altervista.org/9sg_novell_netiq_ldapagnt_adv.htm
- https://www.netiq.com/support/kb/doc.php?id=7011385
- http://download.novell.com/Download?buildid=K6-PmbPjduA~
- http://retrogod.altervista.org/9sg_novell_netiq_ii.htm
- http://retrogod.altervista.org/9sg_novell_netiq_ldapagnt_adv.htm
- https://www.netiq.com/support/kb/doc.php?id=7011385