WeeChat 'hook_process()' Function Remote Shell Command Injection Vulnerability

Bugtraq ID: 56584
Class: Input Validation Error
CVE: CVE-2012-5534
Remote: Yes
Local: No
Published: Nov 19 2012 12:00AM
Updated: May 06 2014 08:03AM
Credit: Sebastien Helleu
Vulnerable: SuSE openSUSE 11.4
Red Hat Fedora 17
Red Hat Fedora 16
Gentoo Linux
FlashTux WeeChat 0.3.4
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus