Launchpad CVE tracker

CVE 2010-4350

Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP.

Related bugs and status

CVE-2010-4350 (Candidate) is related to these bugs:

Bug #690482: MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)

		In	Importance	Status
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Ubuntu)	Low	Triaged
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Debian)	Unknown	Fix Released
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	Gentoo Linux	High	Fix Released
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Fedora)	Medium	Fix Released
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Ubuntu Hardy)	Low	Won't Fix
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Ubuntu Lucid)	Low	Won't Fix
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Ubuntu Maverick)	Low	Won't Fix
690482	MantisBT <1.2.4 multiple vulnerabilities (LFI, XSS and PD)	mantis (Ubuntu Karmic)	Low	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-4350

References