Description

Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.

Remediation

References

CVE-2006-4154

Related Vulnerabilities

SharePoint CVE-2024-49062 Vulnerability (CVE-2024-49062)

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-22452)

MySQL CVE-2019-2968 Vulnerability (CVE-2019-2968)

WordPress Plugin Visitor Traffic Real Time Statistics Cross-Site Request Forgery (1.12)

WordPress Plugin Cimy User Extra Fields Arbitrary File Upload (2.3.7)

Severity

Medium

Classification

CVE-2006-4154

Tags

Missing Update Known Vulnerabilities