Ninka CVE-2017-7239 Security Bypass Vulnerability

Ninka is prone to a security-bypass vulnerability.

An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks.

Ninka 1.3.0 and prior are vulnerable.

Information

Bugtraq ID: 97325
Class: Design Error
CVE: CVE-2017-7239

Remote: Yes
Local: No
Published: Apr 03 2017 12:00AM
Credit: Dirk-Willem van Gulik
Vulnerable: Ninka Ninka 1.3

Not Vulnerable: Ninka Ninka 1.3.2

References:

• CVE-2017-7239: ninka license identification tool: insufficient escaping of exter (Dirk-Willem van Gulik)
  
• Ninka Homepage (Ninka)
  

Source: www.securityfocus.com