WebCalendar Certain Variable Overwrite Vulnerability

Bugtraq ID:	22834
Class:	Design Error
CVE:	CVE-2007-1343
Remote:	Yes
Local:	No
Published:	Mar 06 2007 12:00AM
Updated:	Mar 21 2007 05:03PM
Credit:	The vendor disclosed this vulnerability.
Vulnerable:	WebCalendar WebCalendar 0.9.45 k5n WebCalendar 1.0.4 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1
Not Vulnerable:	k5n WebCalendar 1.0.5

WebCalendar Certain Variable Overwrite Vulnerability

WebCalendar is prone to a variable-overwrite vulnerability because the application fails to sanitize user-supplied input.

By overwriting system variables with arbitrary input, the attacker may be able perform cross-site scripting, SQL-injection, and other attacks.

Version 1.0.4 is vulnerable to this issue; prior versions may also be affected.

WebCalendar Certain Variable Overwrite Vulnerability

Attackers may exploit this issue with a browser.

WebCalendar Certain Variable Overwrite Vulnerability

Solution:
The vendor has released an update addressing this issue; please see the vendor references for details.


WebCalendar WebCalendar 0.9.45

• Debian webcalendar_0.9.45-4sarge6_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/w/webcalendar/webcalendar _0.9.45-4sarge6_all.deb

WebCalendar Certain Variable Overwrite Vulnerability

References:

• WebCalendar 1.0.5 Changelog (WebCalendar)
  
• WebCalendar Home Page (WebCalendar)