CVE-2015-1306

The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.

🔗 References (16)

• security@debianhttp://advisories.mageia.org/MGASA-2015-0085.html
• security@debianhttp://secunia.com/advisories/62387
• security@debianhttp://secunia.com/advisories/62442
• security@debianhttp://www.debian.org/security/2015/dsa-3134
• security@debianhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:051
• security@debianhttp://www.openwall.com/lists/oss-security/2015/01/20/4
• security@debianhttp://www.securityfocus.com/bid/72277
• security@debianhttps://www.sympa.org/security_advisories
• af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2015-0085.html
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62387
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62442
• af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3134
• af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:051
• af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/01/20/4
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72277