CONTENTCustomizer dialog.php editauthor Action Remote Information Disclosure

2007-11-01T00:00:00
ID OSVDB:39150
Type osvdb
Reporter OSVDB
Modified 2007-11-01T00:00:00

Description

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Restrict access to the CONTENTCustomizer directory to trusted users only.

References:

Secunia Advisory ID:27440 Other Advisory URL: http://packetstorm.linuxsecurity.com/0710-exploits/contentcustom-disclose.txt CVE-2007-5816 Bugtraq ID: 26291