cpe:/a:fckeditor:fckeditor:2.0 cpe:/a:fckeditor:fckeditor:2.0_fc cpe:/a:fckeditor:fckeditor:2.0_rc2 cpe:/a:fckeditor:fckeditor:2.0rc2 cpe:/a:fckeditor:fckeditor:2.0rc3 cpe:/a:fckeditor:fckeditor:2.1 cpe:/a:fckeditor:fckeditor:2.1.1 cpe:/a:fckeditor:fckeditor:2.2 cpe:/a:fckeditor:fckeditor:2.3 cpe:/a:fckeditor:fckeditor:2.3:beta cpe:/a:fckeditor:fckeditor:2.3.1 cpe:/a:fckeditor:fckeditor:2.3.2 cpe:/a:fckeditor:fckeditor:2.3.3 cpe:/a:fckeditor:fckeditor:2.4 cpe:/a:fckeditor:fckeditor:2.4.1 cpe:/a:fckeditor:fckeditor:2.4.2 cpe:/a:fckeditor:fckeditor:2.4.3 cpe:/a:fckeditor:fckeditor:2.5 cpe:/a:fckeditor:fckeditor:2.5:beta cpe:/a:fckeditor:fckeditor:2.5.1 cpe:/a:fckeditor:fckeditor:2.6 cpe:/a:fckeditor:fckeditor:2.6.1 cpe:/a:fckeditor:fckeditor:2.6.2 cpe:/a:fckeditor:fckeditor:2.6.3 cpe:/a:fckeditor:fckeditor:2.6.3:beta cpe:/a:fckeditor:fckeditor:2.6.4 cpe:/a:fckeditor:fckeditor:2.6.4:beta CVE-2009-2265 2009-07-05T12:30:00.377-04:00 2009-08-12T01:29:59.827-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-07-06T08:07:00.000-04:00 SECTRACK 1022513 BUGTRAQ 20090703 [oCERT-2009-007] FCKeditor input sanitization errors SECUNIA 35833 SECUNIA 35909 VUPEN ADV-2009-1813 VUPEN ADV-2009-1825 DEBIAN DSA-1836 FEDORA FEDORA-2009-7761 FEDORA FEDORA-2009-7794 MLIST [Zope-dev] 20090706 zope.html with FCKEditor security fix MISC http://isc.sans.org/diary.html?storyid=6724 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=695430 MISC http://www.ocert.org/advisories/ocert-2009-007.html Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.