OpenX 2.8.10 backdoor

Description

OpenX Source v. 2.8.10 (the binary distribution) was compromised, and two of the files were replaced with two new modified files that contained a remote code execution vulnerability. All OpenX downloads since at least November 2012 through August 2013 were affected.

Remediation

Upgrade to OpenX version 2.8.11.

References