
U-155: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code

April 25, 2012 - 7:00am


PROBLEM:

WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code

PLATFORM:

1.2.4 and prior versions

ABSTRACT:

Two vulnerabilities were reported in WebCalendar. A remote user may be able to execute arbitrary PHP code on the target system.

REFERENCE LINKS:

SecurityTracker Alert ID: 1026966
CVE-2012-1495
CVE-2012-1496

IMPACT ASSESSMENT:

Medium

Discussion:

A remote user can access '/install/index.php' and may be able to modify the configuration under '/includes/settings/' with arbitrary values or PHP code. A remote authenticated user can send a specially crafted request to '/pref.php' to include an arbitrary local file; magic_quotes_gpc must be disabled for this file inclusion flaw to be exploitable.
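As an added example, not part of this advisory, the following log check flags the two conditions described above in web server access logs: any successful request to the installer path, and requests to '/pref.php' whose query string carries traversal or null-byte markers after URL decoding. The log lines, host path, user names and the "tab" parameter are constructed for the example and are not taken from the advisory.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed Apache combined-format log lines (not from the advisory); the
# host path, user names and the "tab" parameter are hypothetical.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Apr/2012:07:01:10 +0000] "GET /webcalendar/month.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [25/Apr/2012:07:01:15 +0000] "GET /webcalendar/install/index.php HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.7 - alice [25/Apr/2012:07:02:01 +0000] "GET /webcalendar/pref.php?tab=2 HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
198.51.100.9 - bob [25/Apr/2012:07:02:30 +0000] "GET /webcalendar/pref.php?tab=..%2F..%2F..%2Fetc%2Fpasswd%00 HTTP/1.1" 200 2210 "-" "curl/7.2"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Traversal or null-byte truncation markers, checked after URL decoding.
TRAVERSAL_RE = re.compile(r'\.\./|\.\.\\|\x00')

def classify(line):
    """Label one access-log line, or return None when nothing stands out."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group('target'))
    path = parts.path.lower()
    if path.endswith('/install/index.php'):
        # CVE-2012-1495: the installer should not be reachable once the
        # site is deployed; a 200 means it was neither removed nor blocked.
        return 'installer-reachable' if m.group('status') == '200' else 'installer-probe'
    if path.endswith('/pref.php'):
        # CVE-2012-1496: traversal / null-byte patterns in any parameter;
        # decode twice so double-encoded values are caught too.
        if TRAVERSAL_RE.search(unquote(unquote(parts.query))):
            return 'pref-lfi-attempt'
    return None

def scan(log_text):
    """Return (label, client_ip, user) for every flagged line."""
    findings = []
    for line in log_text.splitlines():
        label = classify(line)
        if label:
            m = LOG_RE.match(line)
            findings.append((label, m.group('ip'), m.group('user')))
    return findings

if __name__ == '__main__':
    for f in scan(SAMPLE_LOG):
        print(*f)
```

A hit on 'installer-reachable' is itself a finding to fix (remove or block the install directory after upgrading to 1.2.5), independent of whether anyone has abused it yet.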

Impact:

A remote user may be able to execute arbitrary PHP code on the target system.

Solution:

The vendor has issued a fix (1.2.5).
