Description
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin Store Locator Plus for WordPress SQL Injection (3.8.6)
MySQL CVE-2015-0382 Vulnerability (CVE-2015-0382)
Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)
WordPress Plugin Email Log Cross-Site Scripting (2.2.2)
WordPress Plugin Slideshow Gallery 2 'border' Parameter Cross-Site Scripting (1.1.4)