CVE-2012-1933

Name of the Vulnerable Software and Affected Versions Newscoop versions 3.5.x through 3.5.4 Newscoop versions 4.0.0 through 4.0.RC3

Description The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This can be achieved by providing a URL in the GLOBALS[g campsiteDir] parameter to specific API endpoints such as "include/phorum load.php", "conf/install conf.php", or "conf/liveuser configuration.php".

Recommendations For Newscoop versions 3.5.x through 3.5.4, update to version 3.5.5 or later. For Newscoop versions 4.0.0 through 4.0.RC3, update to version 4.RC4 or later. As a temporary workaround, consider disabling the register globals setting until a patch is available. Restrict access to the vulnerable API endpoints "include/phorum load.php", "conf/install conf.php", and "conf/liveuser configuration.php" to minimize the risk of exploitation. Avoid using the GLOBALS[g campsiteDir] parameter in the affected API endpoints until the issue is resolved.