PT-2012-4744 · Ushahidi · Ushahidi Platform

Wil Clouser

Published

2012-08-12

Updated

2012-08-13

CVE-2012-3475

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Ushahidi Platform versions prior to 2.5

Description The issue concerns the installer in the Ushahidi Platform, where it omits certain calls to the exit function. This allows remote attackers to obtain administrative privileges via unspecified vectors.

Recommendations For versions prior to 2.5, update to version 2.5 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-3475

Affected Products

Ushahidi Platform

PT-2012-4744 · Ushahidi · Ushahidi Platform

CVE-2012-3475

Related Identifiers

Affected Products

References · 5