PEAR LiveUser LiveUser.php Cookie Data Traversal Arbitrary File Deletion

ID OSVDB:23496
Type osvdb
Reporter James Bercegay(
Modified 2006-02-21T22:10:40


Solution Description

Upgrade to version 0.16.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor URL: Vendor Specific News/Changelog Entry: Security Tracker: 1015659 Related OSVDB ID: 23495 Other Advisory URL: Mail List Post: FrSIRT Advisory: ADV-2006-0697 CVE-2006-0869 Bugtraq ID: 16761