CVE-2012-1037 in Ubuntu

CVE-2012-1037

Priority

Medium

Description

PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78
through 0.80.61 allows remote authenticated users to execute arbitrary PHP
code via a URL in the sub_type parameter.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1037
http://www.openwall.com/lists/oss-security/2012/02/10/5

Package

Source: glpi (LP Ubuntu Debian)

Upstream:	released (0.80.7-1)
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	needed
Ubuntu 11.10 (Oneiric Ocelot):	ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):	released (0.80.7-1)
Ubuntu 12.10 (Quantal Quetzal):	released (0.80.7-1)
Ubuntu 13.04 (Raring Ringtail):	released (0.80.7-1)
Ubuntu 13.10 (Saucy Salamander):	released (0.80.7-1)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2013-05-09 15:16:15 UTC (commit 6824)