What is the severity of CVE-2009-4412?

CVE-2009-4412 is considered a critical vulnerability due to the potential for remote code execution.

How do I fix CVE-2009-4412?

To fix CVE-2009-4412, you should upgrade Serendipity to version 1.5 or later.

What versions of Serendipity are affected by CVE-2009-4412?

CVE-2009-4412 affects Serendipity versions prior to 1.5, including versions like 0.5, 1.0.3, 1.1, and 1.4.1.

Can CVE-2009-4412 be exploited without authentication?

No, CVE-2009-4412 requires an authenticated user to exploit the vulnerability.

What type of attacks can be carried out using CVE-2009-4412?

CVE-2009-4412 can be exploited to execute arbitrary code on the server through the upload of malicious files.

Vulnerability/
CVE-2009-4412

medium

CWE

NVD-CWE-Other

24/12/2009

7/8/2024

CVE-2009-4412

First published: Thu Dec 24 2009(Updated: )

Unrestricted file upload vulnerability in Serendipity before 1.5 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory. NOTE: some of these details are obtained from third party information.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Serendipity (S9Y) Freetag Event	=0.5
Serendipity (S9Y) Freetag Event	=1.0.3
Serendipity (S9Y) Freetag Event	=1.3
Serendipity (S9Y) Freetag Event	=1.1.4
Serendipity (S9Y) Freetag Event	=0.4
Serendipity (S9Y) Freetag Event	=0.8.5
Serendipity (S9Y) Freetag Event	=0.7
Serendipity (S9Y) Freetag Event	=1.1.2
Serendipity (S9Y) Freetag Event	=1.0.4
Serendipity (S9Y) Freetag Event	=0.8.3
Serendipity (S9Y) Freetag Event	=0.8.4
Serendipity (S9Y) Freetag Event	=0.8.2
Serendipity (S9Y) Freetag Event	=0.6-pl3
Serendipity (S9Y) Freetag Event	=1.0.2
Serendipity (S9Y) Freetag Event	=1.1.1
Serendipity (S9Y) Freetag Event	=1.1
Serendipity (S9Y) Freetag Event	=0.7.1
Serendipity (S9Y) Freetag Event	=1.0.1
Serendipity (S9Y) Freetag Event	=1.0
Serendipity (S9Y) Freetag Event	=1.3.1
Serendipity (S9Y) Freetag Event	=0.8.1
Serendipity (S9Y) Freetag Event	=0.8
Serendipity (S9Y) Freetag Event	=1.2.1
Serendipity (S9Y) Freetag Event	=0.3
Serendipity (S9Y) Freetag Event	<=1.5
Serendipity (S9Y) Freetag Event	=0.9.1
Serendipity (S9Y) Freetag Event	=0.9
Serendipity (S9Y) Freetag Event	=1.1.3
Serendipity (S9Y) Freetag Event	=1.1-beta1
Serendipity (S9Y) Freetag Event	=1.4
Serendipity (S9Y) Freetag Event	=1.2
Serendipity (S9Y) Freetag Event	=1.4.1
Serendipity (S9Y) Freetag Event	=0.5-pl1
Serendipity (S9Y) Freetag Event	=0.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4412?
CVE-2009-4412 is considered a critical vulnerability due to the potential for remote code execution.
How do I fix CVE-2009-4412?
To fix CVE-2009-4412, you should upgrade Serendipity to version 1.5 or later.
What versions of Serendipity are affected by CVE-2009-4412?
CVE-2009-4412 affects Serendipity versions prior to 1.5, including versions like 0.5, 1.0.3, 1.1, and 1.4.1.
Can CVE-2009-4412 be exploited without authentication?
No, CVE-2009-4412 requires an authenticated user to exploit the vulnerability.
What type of attacks can be carried out using CVE-2009-4412?
CVE-2009-4412 can be exploited to execute arbitrary code on the server through the upload of malicious files.

agent/references
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/author
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/s9y
canonical/serendipity (s9y) freetag event
version/serendipity (s9y) freetag event/0.5
version/serendipity (s9y) freetag event/1.0.3
version/serendipity (s9y) freetag event/1.3
version/serendipity (s9y) freetag event/1.1.4
version/serendipity (s9y) freetag event/0.4
version/serendipity (s9y) freetag event/0.8.5
version/serendipity (s9y) freetag event/0.7
version/serendipity (s9y) freetag event/1.1.2
version/serendipity (s9y) freetag event/1.0.4
version/serendipity (s9y) freetag event/0.8.3
version/serendipity (s9y) freetag event/0.8.4
version/serendipity (s9y) freetag event/0.8.2
version/serendipity (s9y) freetag event/0.6-pl3
version/serendipity (s9y) freetag event/1.0.2
version/serendipity (s9y) freetag event/1.1.1
version/serendipity (s9y) freetag event/1.1
version/serendipity (s9y) freetag event/0.7.1
version/serendipity (s9y) freetag event/1.0.1
version/serendipity (s9y) freetag event/1.0
version/serendipity (s9y) freetag event/1.3.1
version/serendipity (s9y) freetag event/0.8.1
version/serendipity (s9y) freetag event/0.8
version/serendipity (s9y) freetag event/1.2.1
version/serendipity (s9y) freetag event/0.3
version/serendipity (s9y) freetag event/1.5
version/serendipity (s9y) freetag event/0.9.1
version/serendipity (s9y) freetag event/0.9
version/serendipity (s9y) freetag event/1.1.3
version/serendipity (s9y) freetag event/1.1-beta1
version/serendipity (s9y) freetag event/1.4
version/serendipity (s9y) freetag event/1.2
version/serendipity (s9y) freetag event/1.4.1
version/serendipity (s9y) freetag event/0.5-pl1
version/serendipity (s9y) freetag event/0.6

CVE-2009-4412

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4412?

How do I fix CVE-2009-4412?

What versions of Serendipity are affected by CVE-2009-4412?

Can CVE-2009-4412 be exploited without authentication?

What type of attacks can be carried out using CVE-2009-4412?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-4412?

How do I fix CVE-2009-4412?

What versions of Serendipity are affected by CVE-2009-4412?

Can CVE-2009-4412 be exploited without authentication?

What type of attacks can be carried out using CVE-2009-4412?