CVE-2012-3572

Name of the Vulnerable Software and Affected Versions Open Source Competency Center (OSCC) MyMeeting versions 3.0.1 and earlier Open Source Competency Center (OSCC) MyMesyuarat version 09b-1

Description The issue allows remote authenticated users to execute arbitrary PHP code via a crafted document, due to improper verification of uploaded documents.

Recommendations For MyMeeting versions 3.0.1 and earlier, update to a version that properly verifies uploaded documents. For MyMesyuarat version 09b-1, update to a version that properly verifies uploaded documents. As a temporary workaround, consider restricting the upload of documents to minimize the risk of exploitation.