CVE-2010-5091: Code Injection
First published: Sun Aug 26 2012(Updated: )
The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Silverstripe silverstripe | =2.3.4 | |
| Silverstripe silverstripe | =2.3.0-rc2 | |
| Silverstripe silverstripe | =2.3.7 | |
| Silverstripe silverstripe | =2.3.1-rc2 | |
| Silverstripe silverstripe | =2.3.0-rc3 | |
| Silverstripe silverstripe | =2.3.3 | |
| Silverstripe silverstripe | =2.3.1 | |
| Silverstripe silverstripe | =2.4.0 | |
| Silverstripe silverstripe | =2.3.1-rc1 | |
| Silverstripe silverstripe | =2.3.5 | |
| Silverstripe silverstripe | =2.3.6 | |
| Silverstripe silverstripe | =2.3.0 | |
| Silverstripe silverstripe | =2.3.2 | |
| Silverstripe silverstripe | =2.3.0-rc1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://open.silverstripe.org/changeset/107273
- http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8
- http://dl.packetstormsecurity.net/1006-exploits/silverstripe-shell.txt
- http://www.openwall.com/lists/oss-security/2012/04/30/3
- http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1
- http://open.silverstripe.org/ticket/5693
- http://www.openwall.com/lists/oss-security/2012/04/30/1
- http://www.openwall.com/lists/oss-security/2012/05/01/3
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- vendor/silverstripe
- canonical/silverstripe silverstripe
- version/silverstripe silverstripe/2.3.4
- version/silverstripe silverstripe/2.3.0-rc2
- version/silverstripe silverstripe/2.3.7
- version/silverstripe silverstripe/2.3.1-rc2
- version/silverstripe silverstripe/2.3.0-rc3
- version/silverstripe silverstripe/2.3.3
- version/silverstripe silverstripe/2.3.1
- version/silverstripe silverstripe/2.4.0
- version/silverstripe silverstripe/2.3.1-rc1
- version/silverstripe silverstripe/2.3.5
- version/silverstripe silverstripe/2.3.6
- version/silverstripe silverstripe/2.3.0
- version/silverstripe silverstripe/2.3.2
- version/silverstripe silverstripe/2.3.0-rc1