Bug#661020: acidbase: CVE-2012-1198 security bypass and remote file inclusion

2014-11-14 Thread Thijs Kinkhorst
severity 661020 normal
thanks
Hi,
From what I see the remote file inclusion is limited to environments with register_globals being on though. I've investigated this issue. The vast majority of the mentioned 'attacks' are evidently only possible through register_globals, and the one about 'create'

Bug#661020: acidbase: CVE-2012-1198 security bypass and remote file inclusion

2013-05-18 Thread Jonathan Wiltshire
Package: src:acidbase
Dear maintainer,
Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the following suites through point releases: squeeze

Bug#661020: acidbase: CVE-2012-1198 security bypass and remote file inclusion

2012-02-23 Thread Nico Golde
Source: acidbase
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was published for acidbase.
CVE-2012-1198[0]:
| base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5
| allows remote attackers to execute arbitrary code by uploading
|