← CVECheck
HomeVulnerabilities

CVE-2003-1426 — LOW severity vulnerability (Openwebmail in cPanel 5.0, when run using suid Perl, adds th)

Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.

CVE IDCVE-2003-1426
SeverityLOW
CVSS score3.3
CVSS vectorAV:L/AC:M/Au:N/C:P/I:P/A:N
CWECWE-16
StatusModified
Published2003-12-31
Last modified2026-04-16
DescriptionOpenwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →