Описание
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| hardy | ignored | end of life |
| intrepid | released | 1:2.6.2-1lenny1build0.8.10.1 |
| jaunty | ignored | end of life |
| karmic | not-affected | 1:2.6.4.1-1 |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| oneiric | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | code not present |
| devel | not-affected | system fckeditor |
| hardy | not-affected | code not present |
| intrepid | not-affected | code not present |
| jaunty | not-affected | system fckeditor |
| karmic | not-affected | system fckeditor |
| lucid | not-affected | system fckeditor |
| maverick | not-affected | system fckeditor |
| natty | not-affected | system fckeditor |
| oneiric | not-affected | system fckeditor |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4 ...
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
Уязвимость WYSIWYG-редактора Ckeditor, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом. позволяющая нарушителю загрузить произвольные файлы
EPSS
7.5 High
CVSS2