6
CVSSv2

CVE-2012-2244

Published: 24/11/2012 Updated: 08/02/2013
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
VMScore: 534
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

Mahara 1.4.x prior to 1.4.5 and 1.5.x prior to 1.5.4 allows remote authenticated administrators to execute arbitrary programs by modifying the path to clamav. NOTE: this can be exploited without authentication by leveraging CVE-2012-2243.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mahara mahara 1.4

mahara mahara 1.4.0

mahara mahara 1.4.2

mahara mahara 1.4.3

mahara mahara 1.4.1

mahara mahara 1.5

mahara mahara 1.5.2

mahara mahara 1.5.3

mahara mahara 1.5.0

mahara mahara 1.5.1

Vendor Advisories

Multiple security issues have been found in Mahara, an electronic portfolio, weblog, and resume builder, which can result in cross-site scripting, clickjacking or arbitrary file execution For the stable distribution (squeeze), these problems have been fixed in version 126-2+squeeze6 For the unstable distribution (sid), these problems have been ...