Description
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Security Bypass (2.2.5)
WordPress Plugin Google Doc Embedder Cross-Site Scripting (2.5.18)
WordPress Plugin xili-tidy-tags Cross-Site Request Forgery (1.12.03)
WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)
WordPress Plugin MasterStudy LMS-for Online Courses and Education SQL Injection (3.2.5)