Summary
Ektron CMS is prone to a remote code-execution vulnerability.
Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected application. Failed attacks may cause denial-of-service conditions.
Versions prior to Ektron CMS 8.02 Service Pack 5 are vulnerable.
Solution
Updates are available. Please see the references for details.
Severity
Classification
- CVE: CVE-2012-5357
- CVSS Base Score: 10.0
- CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- 4Images <= 1.7.1 Directory Traversal Vulnerability
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- Ad Manager Pro Multiple SQL Injection And XSS Vulnerabilities
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Apache Struts ClassLoader Manipulation Vulnerabilities