|
|
CVE Reference: CVE-2007-4536 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4536 |
|
|
Description: TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying (1) disclaimer.txt, (2) sponsors.txt, and (3) banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend to other files. |
|
|
CVE Status: Candidate |
|
|
References: VIM http://www.attrition.org/pipermail/vim/2007-August/001774.html SAID Secunia Advisory: SA26679 OSVDB 40257 CONFIRM http://www.torrenttrader.org/index.php?showtopic=5843 BID 25536 |
|
| Return to the previous page. |
