Intrusion Prevention

WebCalendar.Pre.Auth.Code.Injection

Description

This indicates an attempt to exploit a Code Injection vulnerability in WebCalendar.
The vulnerability is caused by the application's failure to validate the "form_single_user_login" parameter in the "install/index.php" script. It allows remote attackers to execute arbitrary php code by sending a malicious request.

Affected Products

WebCalendar 1.2.4 and prior.

Impact

System compromise: remote code execution.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2012-1495