CVE-2003-0398 Information

Description

Vignette StoryServer 4 and 5 and Vignette V/5 and V/6 with the SSI EXEC feature enabled allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed.

Reference

http://marc.info/?l=bugtraq&m=105405734223874&w=2 http://www.iss.net/security_center/static/12077.php http://www.s21sec.com/es/avisos/s21sec-016-en.txt http://www.securityfocus.com/bid/7685