Description

Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.

Remediation

References

CVE-2006-4154

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4287)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43953)

WordPress Plugin Facebook for WordPress Cross-Site Request Forgery (3.0.3)

WordPress Plugin WPBakery Page Builder Cross-Site Scripting (6.4.0)

WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress Multiple Unspecified Vulnerabilities (4.2)

Severity

Medium

Classification

CVE-2006-4154

Tags

Missing Update Known Vulnerabilities