Candidate: CVE-2009-4412
PublicDate: 2009-12-24 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4412
Description:
 Unrestricted file upload vulnerability in Serendipity before 1.5 allows
 remote authenticated users to execute arbitrary code by uploading a file
 with an executable extension followed by a safe extension, then accessing
 it via a direct request to the file in an unspecified directory.  NOTE:
 some of these details are obtained from third party information.
Ubuntu-Description:
Notes:
Bugs:
Priority: high
Discovered-by:
Assigned-to:
CVSS: 

Patches_serendipity:
upstream_serendipity: released (1.5)
dapper_serendipity: DNE
hardy_serendipity: ignored (reached end-of-life)
intrepid_serendipity: needed (reached end-of-life)
jaunty_serendipity: ignored (reached end-of-life)
karmic_serendipity: ignored (reached end-of-life)
lucid_serendipity: ignored (reached end-of-life)
maverick_serendipity: not-affected (1.5.3-1)
natty_serendipity: not-affected (1.5.3-1)
oneiric_serendipity: not-affected (1.5.3-1)
precise_serendipity: not-affected (1.5.3-1)
quantal_serendipity: not-affected (1.5.3-1)
raring_serendipity: not-affected (1.5.3-1)
saucy_serendipity: DNE
devel_serendipity: DNE