What is the severity of CVE-2006-4674?

The severity of CVE-2006-4674 is classified as critical due to the potential for remote code execution.

How do I fix CVE-2006-4674?

To fix CVE-2006-4674, upgrade DokuWiki to a version released after 2006-03-09.

What versions of DokuWiki are affected by CVE-2006-4674?

Versions of DokuWiki released before 2006-03-09 are affected by CVE-2006-4674.

What type of vulnerability is CVE-2006-4674?

CVE-2006-4674 is a direct static code injection vulnerability.

What is the impact of CVE-2006-4674 on a DokuWiki installation?

CVE-2006-4674 allows attackers to execute arbitrary PHP code on affected DokuWiki installations.

Vulnerability/
CVE-2006-4674

high

7.5

CWE

NVD-CWE-Other 94

11/9/2006

7/8/2024

CVE-2006-4674: Code Injection

First published: Mon Sep 11 2006(Updated: )

Direct static code injection vulnerability in doku.php in DokuWiki before 2006-030-09c allows remote attackers to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
DokuWiki	=release_2004-07-07
DokuWiki	=release_2004-08-08
DokuWiki	=release_2005-02-06
DokuWiki	=release_2005-01-16a
DokuWiki	=release_2004-09-12
DokuWiki	=release_2005-05-07
DokuWiki	=release_2004-07-25
DokuWiki	=release_2004-08-22
DokuWiki	=release_2004-09-25
DokuWiki	=release_2005-02-18
DokuWiki	<=release_2006-03-09
DokuWiki	=release_2005-09-22
DokuWiki	=release_2004-11-10
DokuWiki	=release_2005-01-15
DokuWiki	=release_2005-01-14
DokuWiki	=release_2004-07-04
DokuWiki	=release_2005-07-01
DokuWiki	=release_2004-07-21
DokuWiki	=release_2006-03-05
DokuWiki	=release_2005-07-13
DokuWiki	=release_2004-09-30
DokuWiki	=release_2004-08-15a
DokuWiki	=release_2004-10-19
DokuWiki	=release_2005-09-19
DokuWiki	=release_2004-11-01
DokuWiki	=release_2004-07-12
DokuWiki	=release_2004-11-02

Remedy

http://secunia.com/advisories/21819

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-4674?
The severity of CVE-2006-4674 is classified as critical due to the potential for remote code execution.
How do I fix CVE-2006-4674?
To fix CVE-2006-4674, upgrade DokuWiki to a version released after 2006-03-09.
What versions of DokuWiki are affected by CVE-2006-4674?
Versions of DokuWiki released before 2006-03-09 are affected by CVE-2006-4674.
What type of vulnerability is CVE-2006-4674?
CVE-2006-4674 is a direct static code injection vulnerability.
What is the impact of CVE-2006-4674 on a DokuWiki installation?
CVE-2006-4674 allows attackers to execute arbitrary PHP code on affected DokuWiki installations.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/last-modified-date
agent/weakness
agent/remedy
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/andreas gohr
canonical/dokuwiki
version/dokuwiki/release_2004-07-07
version/dokuwiki/release_2004-08-08
version/dokuwiki/release_2005-02-06
version/dokuwiki/release_2005-01-16a
version/dokuwiki/release_2004-09-12
version/dokuwiki/release_2005-05-07
version/dokuwiki/release_2004-07-25
version/dokuwiki/release_2004-08-22
version/dokuwiki/release_2004-09-25
version/dokuwiki/release_2005-02-18
version/dokuwiki/release_2006-03-09
version/dokuwiki/release_2005-09-22
version/dokuwiki/release_2004-11-10
version/dokuwiki/release_2005-01-15
version/dokuwiki/release_2005-01-14
version/dokuwiki/release_2004-07-04
version/dokuwiki/release_2005-07-01
version/dokuwiki/release_2004-07-21
version/dokuwiki/release_2006-03-05
version/dokuwiki/release_2005-07-13
version/dokuwiki/release_2004-09-30
version/dokuwiki/release_2004-08-15a
version/dokuwiki/release_2004-10-19
version/dokuwiki/release_2005-09-19
version/dokuwiki/release_2004-11-01
version/dokuwiki/release_2004-07-12
version/dokuwiki/release_2004-11-02

Frequently Asked Questions

What is the severity of CVE-2006-4674?
The severity of CVE-2006-4674 is classified as critical due to the potential for remote code execution.
How do I fix CVE-2006-4674?
To fix CVE-2006-4674, upgrade DokuWiki to a version released after 2006-03-09.
What versions of DokuWiki are affected by CVE-2006-4674?
Versions of DokuWiki released before 2006-03-09 are affected by CVE-2006-4674.
What type of vulnerability is CVE-2006-4674?
CVE-2006-4674 is a direct static code injection vulnerability.
What is the impact of CVE-2006-4674 on a DokuWiki installation?
CVE-2006-4674 allows attackers to execute arbitrary PHP code on affected DokuWiki installations.

CVE-2006-4674: Code Injection

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-4674?

How do I fix CVE-2006-4674?

What versions of DokuWiki are affected by CVE-2006-4674?

What type of vulnerability is CVE-2006-4674?

What is the impact of CVE-2006-4674 on a DokuWiki installation?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2006-4674?

How do I fix CVE-2006-4674?

What versions of DokuWiki are affected by CVE-2006-4674?

What type of vulnerability is CVE-2006-4674?

What is the impact of CVE-2006-4674 on a DokuWiki installation?