Lucene search
HistoryNov 24, 2012 - 8:55 p.m.
CVE-2012-2244
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
9.3 High
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.5%
Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote authenticated administrators to execute arbitrary programs by modifying the path to clamav. NOTE: this can be exploited without authentication by leveraging CVE-2012-2243.
Affected configurations
Node
maharamaharaMatch1.4rc1
ORmaharamaharaMatch1.4rc2
ORmaharamaharaMatch1.4rc3
ORmaharamaharaMatch1.4rc4
ORmaharamaharaMatch1.4.0
ORmaharamaharaMatch1.4.1
ORmaharamaharaMatch1.4.2
ORmaharamaharaMatch1.4.3
Node
maharamaharaMatch1.5rc1
ORmaharamaharaMatch1.5rc2
ORmaharamaharaMatch1.5.0
ORmaharamaharaMatch1.5.1
ORmaharamaharaMatch1.5.2
ORmaharamaharaMatch1.5.3
Related
cvelist
cvelist
prion
prion
Cross site scripting
2012-11-24 20:55:00
Authentication flaw
2012-11-24 20:55:00
Cross site scripting
2012-11-24 20:55:00
cve
cve
ubuntucve
ubuntucve
nvd
nvd
CVE-2012-2243
2012-11-24 20:55:02
CVE-2012-6037
2012-11-24 20:55:04
openvas
openvas
Debian: Security Advisory (DSA-2591-1)
2013-09-18 00:00:00
Debian Security Advisory DSA 2591-1 (mahara - several vulnerabilities)
2013-09-18 00:00:00
nessus
nessus
Debian DSA-2591-1 : mahara - several vulnerabilities
2012-12-28 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2591-1] mahara security update
2013-01-02 00:00:00
debian
debian
[SECURITY] [DSA 2591-1] mahara security update
2012-12-28 01:08:41
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
9.3 High
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.5%
Related for NVD:CVE-2012-2244