Summary
Mutiny is prone to a command-injection vulnerability.
Attackers can exploit this issue to execute arbitrary commands with root privileges.
Mutiny versions prior to 4.5-1.12 are vulnerable.
Solution
Updates are available. Please see the references for details.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-3001 -
CVSS Base Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C
Related Vulnerabilities
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- Allegro RomPager `Misfortune Cookie` Vulnerability
- Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability
- AlstraSoft AskMe Pro 'forum_answer.php' and 'profile.php' Multiple SQL Injection Vulnerabilities
- Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability