GFI LANguard - Vulnerability scanning and patch management. Download a free trial!

Main Menu

Free Services

Critical Alerts

- 28 May 2008

Adobe Flash Player Unspecified Remote Code Execution Vulnerability

 

- 11 Mar 2008

Microsoft Excel Multiple Remote Code Execution Vulnerabilities

 

- 16 Jan 2008

Microsoft Excel File Handling Remote Arbitrary Code Execution Vulnerability

 

- 13 Dec 2007

JustSystems Ichitaro "JSGCI.DLL" Document Processing Remote Buffer Overflow Vulnerability

 

- 11 Dec 2007

Microsoft Internet Explorer Multiple Remote Memory Corruption Vulnerabilities

 

Advisories » OpenKM Remote Document Export Vulnerability

 

Release Date: 09/05/2008 Severity: Less Critical Less Critical
SecWatch Advisory: SWID1021137 Cause: Not specified
Solution Status: Unpatched Impact: Disclosure of system information
Exploit Status: None Available Access Vector: From remote
 
Affected Software: OpenKM 1.x
 
Original Advisory: http://sourceforge.net/project/shownotes.php?release_id=597940
Secunia: SA30137

 

Description:

A vulnerability in OpenKM has been reported, which can be exploited by remote users to disclose potentially sensitive information.

An unspecified error exists in the export functionality, which can be exploited to export arbitrary documents.

 

Affected:

OpenKM versions prior to 2.0.

 

Solution:

The vulnerability has been fixed in version 2.0.

 

Credits:

Reported by vendor.

 

Free Vulnerability Notification Service

Receive free instant and customisable notifications of new vulnerabilities or exploits via e-mail, web or RSS feeds. Click here for more information.