Package: dotclear
Version: 2.4.2+dfsg-2
Tags: security

admin/media.php stores a user-supplied file on the web server, preserving its file extension. This allows authenticated remote users with 'media,media_admin' rights to escalate their privileges to that of the web server (usually www-data).
This vulnerability is present in the Debian package although the client frontend swfupload.swf was removed due to DFSG concerns.
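
An added example, not Dotclear's code or its fix: one way an upload handler can avoid preserving a client-chosen extension is to pick the stored name itself and accept only allowlisted extensions. The function name `safe_stored_name` and the allowlist are hypothetical, and the sample file names are constructed.

```php
<?php
// Added example, not Dotclear code. The allowlist below is an assumption;
// a real deployment would derive it from the media types it must serve.
const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt'];

/**
 * Return a server-chosen storage name for an upload, or null to reject it.
 */
function safe_stored_name(string $clientName): ?string
{
    // Reject NUL bytes and other control characters outright.
    if (preg_match('/[\x00-\x1f\x7f]/', $clientName)) {
        return null;
    }
    // Keep only the final path component; the client controls this string.
    $base = basename(str_replace('\\', '/', $clientName));
    // Some filesystems strip trailing dots and spaces: "x.php." becomes "x.php".
    $base = rtrim($base, '. ');
    $parts = explode('.', strtolower($base));
    if (count($parts) < 2 || $parts[0] === '') {
        return null; // no extension, or a dotfile such as ".htaccess"
    }
    array_shift($parts); // drop the stem, leaving every extension in the name
    // Check every extension, not just the last one: some web server
    // configurations pick a handler from any extension ("x.php.jpg").
    foreach ($parts as $ext) {
        if (!in_array($ext, ALLOWED_EXTENSIONS, true)) {
            return null;
        }
    }
    // Discard the client's name; keep only the last allowlisted extension.
    return bin2hex(random_bytes(16)) . '.' . end($parts);
}

// Constructed sample names: one accepted, the rest rejected.
$samples = ['photo.JPG', 'page.php', 'page.php.jpg', 'page.php.',
            '.htaccess', "a.php\0.png", 'noextension'];
foreach ($samples as $name) {
    printf("%-18s %s\n", json_encode($name), safe_stored_name($name) ?? 'REJECTED');
}
```

The extension check is only one layer; serving the media directory with script execution disabled limits the impact if a check is bypassed.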

