PEAR Net_Traceroute 'traceroute()' Function Arbitrary Argument Injection Vulnerability

PEAR Net_Traceroute 'traceroute()' Function Arbitrary Argument Injection Vulnerability

PEAR Net_Traceroute is prone to a remote argument-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Remote attackers can exploit this issue to execute arbitrary commands within the context of the affected application. Successful exploits will compromise the affected application and possibly the computer.

Versions prior to PEAR Net_Traceroute 0.21.2 are vulnerable.