8 lines
No EOL
537 B
Text
8 lines
No EOL
537 B
Text
source: https://www.securityfocus.com/bid/7740/info
|
|
|
|
Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request will cause P-Sync to display an error message containing the path to the executable.
|
|
|
|
This vulnerability was reported to affect P-Synch version 6.2.5 other versions may also be affected.
|
|
|
|
https://www.example.org/psynch/nph-psa.exe?lang=
|
|
https://www.example.org/psynch/nph-psf.exe?lang= |