Description

Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.

Remediation

References

CVE-2006-4154

Related Vulnerabilities

WordPress Plugin Genie WP Favicon Cross-Site Request Forgery (0.5.2)

MySQL CVE-2016-5441 Vulnerability (CVE-2016-5441)

WordPress Plugin Js-appointment 'searchdata.php' SQL Injection (1.5)

WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.31)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9700)

Severity

Medium

Classification

CVE-2006-4154

Tags

Missing Update Known Vulnerabilities