Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0934

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2015-0934
Last Modified 04 Mar 2015 02:10:01
Published 03 Mar 2015 09:59:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2015-0934

Summary

Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remote authenticated users to execute arbitrary code via ` (backtick) characters in a filename.

Vulnerable Systems

Application

  • Sharelatex 0.1.2


References

CERT-VN - VU#302668


Last Updated: 27 May 2016 11:07:58