Oval Definition:	oval:org.opensuse.security:def:20052498
Revision Date: 2017-09-27 Version: 1 Title: CVE-2005-2498 Description: Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. Family: unix Class: vulnerability Status: Reference(s): CVE-2005-2498 Platform(s): Open Enterprise Server SUSE LINUX 9.3 SUSE Linux Enterprise Server 10 SP1 for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP1 for IBM POWER SUSE Linux Enterprise Server 10 SP1 for IBM zSeries 64bit SUSE Linux Enterprise Server 10 SP1 for IPF SUSE Linux Enterprise Server 10 SP1 for x86 Product(s): Definition Synopsis sles10-sp1-online is installed AND php5-suhosin less than 5.1.2-29.35
BACK