Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5492

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2007-5492
Last Modified 07 Mar 2011 10:00:47
Published 17 Oct 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication SINGLE_INSTANCE

CVE-2007-5492

Summary

Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter.

Vulnerable Systems

Application

  • Sitebar 3.3.8


References

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=195810

CONFIRM - https://bugs.gentoo.org/attachment.cgi?id=133465&action=view

VUPEN - ADV-2007-3768

OSVDB - 43760

BID - 26126

BUGTRAQ - 20071018 Serious holes affecting SiteBar 3.3.8

GENTOO - GLSA-200711-05

DEBIAN - DSA-1423

CONFIRM - http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup

SECUNIA - 28008

SECUNIA - 27503


Last Updated: 27 May 2016 10:46:12