CVE-2009-1669

Priority
Medium
Description
The smarty_function_math function in libs/plugins/function.math.php in
Smarty 2.6.22 allows context-dependent attackers to execute arbitrary
commands via shell metacharacters in the equation attribute of the math
function. NOTE: some of these details are obtained from third party
information.
References
Notes
mdeslaur> may be a PoC here: http://www.milw0rm.com/exploits/8659
mdeslaur> Debian says: TODO: check. It should be windows specific.
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected (uses system smarty)
Ubuntu 11.04 (Natty Narwhal): not-affected (uses system smarty)
Ubuntu 11.10 (Oneiric Ocelot): not-affected (uses system smarty)
Ubuntu 12.04 LTS (Precise Pangolin): not-affected (uses system smarty)
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): released (1.8.2-1ubuntu4.2)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected (uses system smarty)
Ubuntu 11.04 (Natty Narwhal): not-affected (uses system smarty)
Ubuntu 11.10 (Oneiric Ocelot): not-affected (uses system smarty)
Ubuntu 12.04 LTS (Precise Pangolin): not-affected (uses system smarty)
Package
Upstream: needed
Ubuntu 8.04 LTS (Hardy Heron): ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx): released (2.6.22-1ubuntu2)
Ubuntu 11.04 (Natty Narwhal): released (2.6.22-1ubuntu2)
Ubuntu 11.10 (Oneiric Ocelot): released (2.6.22-1ubuntu2)
Ubuntu 12.04 LTS (Precise Pangolin): released (2.6.22-1ubuntu2)
Updated: 2012-06-01 15:19:51 UTC (commit 5347)