CVE-2008-5906
Published: 15 January 2009
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
Priority
Status
Package | Release | Status |
---|---|---|
ktorrent Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(no web plugin in v1.x)
|
gutsy |
Released
(2.2.1-0ubuntu3.1)
|
|
hardy |
Released
(2.2.5-0ubuntu1.1)
|
|
intrepid |
Released
(3.1.2+dfsg.1-0ubuntu2.1)
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
oneiric |
Not vulnerable
|
|
upstream |
Released
(3.1.4+dfsg.1-1)
|
|
ktorrent-kde4 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Does not exist
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(3.1.4+dfsg.1-1)
|
|
ktorrent2.2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(2.2.8.dfsg.1-1)
|