CVE-2012-2670

Name of the Vulnerable Software and Affected Versions Collabtive versions prior to 0.7.6

Description The issue allows remote authenticated users, and possibly unauthenticated attackers, to bypass intended access restrictions. This is achieved by uploading an avatar file with an accepted Content-Type, such as image/jpeg, and then accessing it via a direct request to the file in files/standard/avatar. This enables the upload and execution of arbitrary files.

Recommendations For versions prior to 0.7.6, update to version 0.7.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the manageuser.php file and the files/standard/avatar directory to minimize the risk of exploitation. Avoid using the manageuser.php file to upload avatar files until the issue is resolved.