PT-2009-5291 · Tikiwiki · Ikiwiki

Josh Triplett · Published 2009-08-31 · Updated 2024-06-15 · CVE-2009-2944

CVSS v2.0: 5.0 Medium
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: ikiwiki versions prior to 3.1415926; ikiwiki versions 2.x prior to 2.53.4
Description: The teximg plugin relies on an incomplete blacklist, which allows context-dependent attackers to read arbitrary files via crafted TeX commands.
Recommendations: For versions prior to 3.1415926, update to version 3.1415926 or later. For versions 2.x prior to 2.53.4, update to version 2.53.4 or later.

Fix

Related Identifiers

CVE-2009-2944
DSA-1875-1
OPENSUSE-SU-2024:10860-1

Affected Products

Ikiwiki