PublicDate: 2007-03-08 22:19:00 UTC
Candidate: CVE-2007-1343
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1343
Description:
 includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not
 protect the noSet variable from external modification, which allows remote
 attackers to set arbitrary global variables via a URL with modified values
 in the noSet parameter, which leads to resultant vulnerabilities that
 probably include remote file inclusion and other issues.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_webcalendar: ignored (reached end-of-life)
edgy_webcalendar: needed (reached end-of-life)
feisty_webcalendar: DNE
gutsy_webcalendar: released (1.0.5-12)
hardy_webcalendar: released (1.0.5-12)
intrepid_webcalendar: released (1.0.5-12)
jaunty_webcalendar: released (1.0.5-12)
karmic_webcalendar: released (1.0.5-12)
devel_webcalendar: released (1.0.5-12)
upstream_webcalendar: needs-triage