Laffer im.php CFG_PATH Variable Remote File Inclusion

2005-07-09T04:22:49
ID OSVDB:17941
Type osvdb
Reporter OSVDB
Modified 2005-07-09T04:22:49

Description

Solution Description

Upgrade to version 0.3.2.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://laffer.sourceforge.net/ Vendor Specific News/Changelog Entry: http://sourceforge.net/tracker/index.php?func=detail&aid=1235463&group_id=101249&atid=629313 Vendor Specific News/Changelog Entry: http://laffer.sourceforge.net/cgi-bin/index.pl?page=news&key=373747410 Vendor Specific News/Changelog Entry: http://laffer.sourceforge.net/daily/ChangeLog CVE-2005-2328