OSVDB ID: 22793

Title: HTMLArea files.php Unauthenticated Arbitrary File Upload

Dates

Disclosure: Jan 30, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

HTMLArea contains a flaw that may allow a malicious user to execute arbitrary commands. The '/admin/htmlarea/popups/file/files.php' script is accessible without authentication, allowing a remote attacker to use this script to upload malicious PHP files and execute arbitrary code on the system.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Unknown
Exploit: Exploit Available
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue in HTMLArea. Upgrade to version 6.2 or higher, as it has been reported to fix this vulnerability. In addition, Chain Reaction Works, Inc. has released a patch for some older versions.

Products

Dynarch.com
  • HTMLArea: 1.7, 2.03

Chain Reaction Works, Inc.
  • CRE Loaded osCommerce: 6.15, 6.02 Beta, 6.042, 6.1

References

Credit

  • kaneda -


Direct URL: http://osvdb.org/36218