Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3572

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2012-3572
Last Modified 12 Sep 2012 10:53:26
Published 11 Sep 2012 03:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-3572

Summary

Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.

Vulnerable Systems

Application

  • Nurul Hidayah Hamazulan Mymesyuarat 09b-1

  • Oscc Mymeeting 3.0.1


References

MISC - http://www.mycert.org.my/en/services/advisories/mycert/2012/main/detail/904/index.html

MISC - http://sourceforge.net/projects/mymesyuarat/files/mymesyuarat/mymesyuarat%20ver0.9b-2.zip/download


Last Updated: 27 May 2016 11:00:34