CVE-2007-0246 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-0246
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0246

Description: plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34510 SAID Secunia Advisory: SA25395 Secunia Advisory: SA25416 DEBIAN http://www.debian.org/security/2007/dsa-1297 CONFIRM http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/plugins/scmcvs/www/cvsweb.php?root=gforge&r1=5849&r2=6038&pathrev=6038 BID 24141

Return to the previous page.