MantisBT 'core/current_user_api.php' PHP Object Injection Vulnerability

Bugtraq ID: 71361
Class: Input Validation Error
CVE: CVE-2014-9280
Remote: Yes
Local: No
Published: Nov 29 2014 12:00AM
Updated: Jan 12 2015 12:01AM
Credit: Mathias Karlsson
Vulnerable: Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus