A new feature supporting the Windows XP publishing subsystem in Gallery 1.3.2 has introduced a security vulnerability nearly identical to that described in BID 5375. The PHP script 'publish_xp_docs.php' attempts to include a file, 'init.php', from a path constructed using an uninitialized PHP variable. Malicious remote clients may pass a value for that variable, specifying a remote server as the location of the include file.
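An audit check for this class of bug, as an added example that is not Gallery's code or part of the original advisory: it flags every PHP `include`/`require` whose path uses a variable the file has not assigned before that statement. The variable name `$BASEDIR` and both PHP samples are constructed for illustration; the advisory does not name the variable.

```python
import re

# include/require (and the _once variants), capturing the path expression up to ';'
INCLUDE_RE = re.compile(r'(?<![$\w>])(?:include|require)(?:_once)?\b(?P<expr>[^;]*);')
VAR_RE = re.compile(r'\$([A-Za-z_]\w*)')
# "$name =" but not the comparison "$name ==" or the array arrow "$name =>"
ASSIGN_RE = re.compile(r'\$([A-Za-z_]\w*)\s*=(?![=>])')

def find_unsafe_includes(php_source):
    """Return (line_no, variable) for each include/require path that uses a
    variable with no assignment earlier in the same file. Heuristic only:
    it does not parse comments, strings, function scopes or other files."""
    first_assigned = {}
    for m in ASSIGN_RE.finditer(php_source):
        first_assigned.setdefault(m.group(1), m.start())
    findings = []
    for inc in INCLUDE_RE.finditer(php_source):
        line_no = php_source.count('\n', 0, inc.start()) + 1
        for name in VAR_RE.findall(inc.group('expr')):
            # Never assigned, or only assigned after the include statement.
            if first_assigned.get(name, len(php_source)) > inc.start():
                findings.append((line_no, name))
    return findings

# Constructed sample: the include path depends on a variable the script never
# sets, so its value can come from outside the script. $BASEDIR is hypothetical.
SAMPLE_VULNERABLE = """<?php
// constructed sample
require($BASEDIR . 'init.php');
?>"""

# Constructed sample: the script sets the base directory itself before use.
SAMPLE_FIXED = """<?php
$BASEDIR = dirname(__FILE__) . '/';
require($BASEDIR . 'init.php');
?>"""

if __name__ == "__main__":
    for label, src in (("vulnerable", SAMPLE_VULNERABLE), ("fixed", SAMPLE_FIXED)):
        print(label, find_unsafe_includes(src))
```

A variable assigned from request data (for example from `$_GET`) counts as assigned here, so a clean result from this check does not prove the include path is trustworthy.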