CVE-2005-2259 Information

Description

The dispallclosed2 function in dispallclosed.pl for multiple USANet Creations products including (1) USANet Shopping Mall Software (2) Domain Name Auction Software (3) Standard Classified Ads Software and (4) MakeBid Reverse Auction allows remote attackers to execute arbitrary code via shell metacharacters in the DISPCLOSED parameter.

Reference

http://secunia.com/advisories/15985 http://securitytracker.com/id?1014411 http://www.securityfocus.com/bid/14179