Ravens PHP Scripts

GeSHi Unspecified Code Execution Vulnerability
Date: Monday, November 03, 2008 @ 18:54:01 CET
Topic: Security


SECUNIA ADVISORY ID: SA32559

VERIFY ADVISORY: http://secunia.com/advisories/32559/

CRITICAL: Moderately critical

IMPACT: System access

SOFTWARE: GeSHi 1.x: http://secunia.com/advisories/product/5752/

DESCRIPTION: A vulnerability has been reported in GeSHI, which can potentially be exploited by malicious people to compromise a vulnerable system.




The vulnerability is caused due to an unspecified error, which may allow execution of arbitrary code on an affected system. The vulnerability is reported in versions prior to 1.0.8.1.

SOLUTION: Update to version 1.0.8.1.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://sourceforge.net/project/shownotes.php?release_id=637321






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3487