SecuritySpace - CVE-2011-2772

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2011-2772

Description: The get_dataroot_image_path function in lib/file.php in Mahara before 1.4.1 does not properly validate uploaded image files, which allows remote attackers to cause a denial of service (memory consumption) via a (1) large or (2) invalid image.

Test IDs: 1.3.6.1.4.1.25623.1.0.70550

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-2772
Debian Security Information: DSA-2334 (Google Search)
http://www.debian.org/security/2011/dsa-2334
http://secunia.com/advisories/46719

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

CVE ID:	CVE-2011-2772
Description:	The get_dataroot_image_path function in lib/file.php in Mahara before 1.4.1 does not properly validate uploaded image files, which allows remote attackers to cause a denial of service (memory consumption) via a (1) large or (2) invalid image.
Test IDs:	1.3.6.1.4.1.25623.1.0.70550
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2772 Debian Security Information: DSA-2334 (Google Search) http://www.debian.org/security/2011/dsa-2334 http://secunia.com/advisories/46719