Launchpad.net

CVE 2007-5492

Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter.

Related bugs and status

CVE-2007-5492 (Candidate) is related to these bugs:

Bug #175319: [sitebar] Several remote vulnerabilities

		In	Importance	Status
175319	[sitebar] Several remote vulnerabilities	sitebar (Ubuntu)	Undecided	Fix Released
175319	[sitebar] Several remote vulnerabilities	sitebar (Debian)	Unknown	Fix Released
175319	[sitebar] Several remote vulnerabilities	sitebar (Ubuntu Dapper)	Undecided	Won't Fix
175319	[sitebar] Several remote vulnerabilities	sitebar (Ubuntu Edgy)	Undecided	Won't Fix
175319	[sitebar] Several remote vulnerabilities	sitebar (Ubuntu Gutsy)	Undecided	Won't Fix
175319	[sitebar] Several remote vulnerabilities	sitebar (Ubuntu Hardy)	Undecided	Fix Released
175319	[sitebar] Several remote vulnerabilities	sitebar (Ubuntu Feisty)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.gentoo.or...
CONFIRM: http://teamforge.net/v...
BID: 26126
GENTOO: GLSA-200711-05
SECUNIA: 27503
DEBIAN: DSA-1423
SECUNIA: 28008
OSVDB: 43760
VUPEN: ADV-2007-3768
CONFIRM: https://bugs.gentoo.or...
BUGTRAQ: 20071018 Serious holes...