CVE-2005-1377

Properties

Published:
02.05.2005
Updated:
28.09.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
Claroline: Claroline
Claroline: Claroline
Claroline: Claroline

Vulnerability description

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors.

References:

CONFIRM: http://www.claroline.net/news.php#85
BID: http://www.securityfocus.com/bid/13407
SECTRACK: http://securitytracker.com/id?1013822
SECUNIA: http://secunia.com/advisories/15161
XF: http://xforce.iss.net/xforce/xfdb/20300
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=111464607103407&w=2
SECUNIA: http://secunia.com/advisories/15725