CVE-2007-5694 Information

Description

Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter a different vulnerability than CVE-2007-5491.

Reference

http://osvdb.org/41110 http://secunia.com/advisories/27503 http://secunia.com/advisories/28008 http://securityreason.com/securityalert/3318 http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup http://www.debian.org/security/2007/dsa-1423 http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml http://www.securityfocus.com/archive/1/482499/100/0/threaded http://www.securityfocus.com/bid/26126 http://www.vupen.com/english/advisories/2007/3768