Description

Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.

Remediation

References

CVE-2006-4154

Related Vulnerabilities

WordPress Plugin aoringo TAG upper Cross-Site Scripting (0.1.6)

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-8980)

CubeCart Improper Access Control Vulnerability (CVE-2015-6928)

WebLogic CVE-2016-0573 Vulnerability (CVE-2016-0573)

Moodle Incorrect Authorization Vulnerability (CVE-2024-48897)

Severity

Medium

Classification

CVE-2006-4154

Tags

Missing Update Known Vulnerabilities