USN-791-3 -- smarty vulnerability
|ID: oval:org.secpod.oval:def:700330||Date: (C)2011-05-13 (M)2017-10-04|
|Class: PATCH||Family: unix|
It was discovered that Smarty did not correctly filter certain math inputs. A remote attacker using Smarty via a web service could exploit this to execute subsets of shell commands as the web server user.