PT-2012-3903 · Catalyst It · Mahara
Mike Haworth
·
Publicado
2012-11-24
·
Atualizado
2013-02-08
·
CVE-2012-2244
CVSS v2.0
6.0
Média
| Vetor | AV:N/AC:M/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Mahara versions 1.4.x through 1.4.4
Mahara versions 1.5.x through 1.5.3
Description
The issue allows remote authenticated administrators to execute arbitrary programs by modifying the path to
clamav. It can also be exploited without authentication by leveraging another vulnerability.Recommendations
For Mahara versions 1.4.x through 1.4.4, update to version 1.4.5 or later.
For Mahara versions 1.5.x through 1.5.3, update to version 1.5.4 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mahara