3 matches found
Debian DSA-153-1 : mantis - cross site code execution and privilege escalation
Joao Gouveia discovered an uninitialized variable which was insecurely used with file inclusions in the mantis package, a php based bug tracking system. The Debian Security Team found even more similar problems. When these occasions are exploited, a remote user is able to execute arbitrary code...
[SECURITY] [DSA 153-1] New mantis package fixes cross site code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 153-1 [email protected] http://www.debian.org/security/ Martin Schulze August 14th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 153-1] New mantis package fixes cross site code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 153-1 [email protected] http://www.debian.org/security/ Martin Schulze August 14th, 2002 http://www.debian.org/security/faq -...