php4-eaccelerator: arbitrary code execution
| Package(s): | php4-eaccelerator | CVE #(s): | CVE-2009-2353 | ||||
| Created: | August 3, 2009 | Updated: | August 5, 2009 | ||||
| Description: | From the Mandriva advisory: encoder.php in eAccelerator allows remote attackers to execute arbitrary code by copying a local executable file to a location under the web root via the -o option, and then making a direct request to this file, related to upload of image files (CVE-2009-2353). | ||||||
| Alerts: |
| ||||||