CVE: CVE-2006-1865

Export to Word

Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.019
Percentile: 0.82442

CVSS Scoring

CVSS v2 Score: 7.5

Severity:

Mapped CWE(s)

CWE-88 : Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

All CAPEC(s)

CAPEC-137: Parameter Injection
CAPEC-174: Flash Parameter Injection
CAPEC-41: Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-460: HTTP Parameter Pollution (HPP)
CAPEC-88: OS Command Injection

CVE: CVE-2006-1865

Threat-Mapped Scoring

EPSS

CVSS Scoring

Mapped CWE(s)

All CAPEC(s)

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products