|
|
CVE Reference: CVE-2006-3102 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-3102 |
|
|
Description: Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/27215 SREASON http://securityreason.com/securityalert/1115 SAID Secunia Advisory: SA20695 OSVDB 26587 MISC http://retrogod.altervista.org/bitweaver_13_xpl.html MILW0RM http://www.milw0rm.com/exploits/1918 CONFIRM http://www.bitweaver.org/articles/45 http://sourceforge.net/project/shownotes.php?release_id=336854&group_id=141358 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/437491/100/0/threaded |
|
| Return to the previous page. |
