Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.0
CVE Id: CVE-2010-5091
Last Modified: 27 Aug 2012 12:00:00
Published: 26 Aug 2012 02:55:01
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE_INSTANCE

CVE-2010-5091

Summary

The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file.

Vulnerable Systems

Application

  • Silverstripe 2.3.0

  • Silverstripe 2.3.1

  • Silverstripe 2.3.2

  • Silverstripe 2.3.3

  • Silverstripe 2.3.4

  • Silverstripe 2.3.5

  • Silverstripe 2.3.6

  • Silverstripe 2.3.7

  • Silverstripe 2.4.0


References

MLIST - [oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4

MLIST - [oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4

MLIST - [oss-security] 20120430 CVE-request: SilverStripe before 2.4.4

MISC - http://open.silverstripe.org/ticket/5693

CONFIRM - http://open.silverstripe.org/changeset/107273

CONFIRM - http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1

CONFIRM - http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8

MISC - http://dl.packetstormsecurity.net/1006-exploits/silverstripe-shell.txt


Last Updated: 27 May 2016 11:00:20