WeeChat 'hook_process()' Function Remote Shell Command Injection Vulnerability

Bugtraq ID: 56584
Class: Input Validation Error
CVE: CVE-2012-5534
Remote: Yes
Local: No
Published: Nov 19 2012 12:00AM
Updated: Apr 13 2015 09:30PM
Credit: Sebastien Helleu
Vulnerable: S.u.S.E. openSUSE 11.4
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Gentoo Linux
FlashTux WeeChat 0.3.4
FlashTux WeeChat 0.3.9.1
FlashTux WeeChat 0.3.9
FlashTux WeeChat 0.3.8
FlashTux WeeChat 0.3.7
FlashTux WeeChat 0.3.6
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: FlashTux WeeChat 0.3.9.2


 

Privacy Statement
Copyright 2010, SecurityFocus