/// File Name: |
R7-0036.txt |
Description:
|
Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.
| Author: | H D Moore,Rapid7,Will Vandevanter | Homepage: | http://www.rapid7.com/ | File Size: | 2277 | Related CVE(s): | CVE-2009-4444 | Last Modified: | Aug 30 19:10:27 2010 |
MD5 Checksum: | 734bd64d3ff9aa05f3b480e0cd0300eb |
|