CVE-1999-1063

CVSS 2.0 Score 10 of 10 (high)

Details

Published Jun 1, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1063 is a vulnerability affecting the CDomain whois_raw.cgi script. This CGI program is used for performing whois queries, but it contains a weakness that allows remote attackers to execute arbitrary commands. The flaw is located in the processing of the fqdn (fully qualified domain name) parameter, which can contain shell metacharacters that are incorrectly handled by the script, resulting in command execution on the underlying system. This issue can potentially lead to serious security consequences, such as unauthorized system access and data theft.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share