The following issue was found in MantisBT:

An attacker could upload a malicious Flash file renamed to bear a recognized image extension (e.g. xss.swf ==> screenshot.png). Since by default MantisBT is configured to allow images to be displayed inline, it is possible to get the Flash to execute.

This issue is fixed in the yet-to-be-released 1.2.18 release of MantisBT.

Upstream patch: http://github.com/mantisbt/mantisbt/commit/9fb8cf36f
Upstream issue details: http://www.mantisbt.org/bugs/view.php?id=17874
CVE request: http://seclists.org/oss-sec/2014/q4/867
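The report above turns on two facts: the upload filter trusts the file extension, and the file is later served inline, where the bytes (not the extension) decide what the client does with it. The following is an added example, not MantisBT's code and not the upstream patch, showing the check a practitioner would want on the upload path: validate the declared image type against the leading bytes, refuse anything carrying an SWF signature, and force a download for whatever fails. The function names, the `IMAGE_MAGICS` table and the sample byte strings are all constructed for this example.

```python
"""Magic-byte validation for image uploads (added example, not MantisBT code).

A Flash movie renamed to screenshot.png passes an extension-only filter but
still begins with an SWF signature; checking the bytes catches it.
"""
from __future__ import annotations

import os

# The three SWF container signatures: uncompressed, zlib, LZMA.
SWF_MAGICS = (b"FWS", b"CWS", b"ZWS")

# Extensions an "images only" upload policy accepts, keyed to their magic bytes.
IMAGE_MAGICS = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}
ALIASES = {"jpeg": "jpg"}  # normalise .jpeg to the canonical key
CONTENT_TYPES = {"png": "image/png", "jpg": "image/jpeg", "gif": "image/gif"}

# Constructed samples: a minimal SWF header (signature, version 10, file
# length) and the PNG signature followed by the start of an IHDR chunk.
# Neither is a complete, renderable file; they only exercise the checks.
SAMPLE_SWF = b"FWS\x0a" + (30).to_bytes(4, "little") + b"\x00" * 22
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\x0dIHDR"


def is_swf(data: bytes) -> bool:
    """True if the payload starts with one of the SWF signatures."""
    return data[:3] in SWF_MAGICS


def sniff_image_type(data: bytes) -> str | None:
    """Return the canonical image type the leading bytes identify, or None."""
    for ext, magics in IMAGE_MAGICS.items():
        if any(data.startswith(m) for m in magics):
            return ext
    return None


def declared_type(filename: str) -> str:
    """Lower-cased, alias-normalised extension taken from the filename."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return ALIASES.get(ext, ext)


def validate_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Decide whether an upload may be stored as an image.

    Returns (accepted, reason). SWF content is refused whatever the name
    says; otherwise the extension and the sniffed type must agree.
    """
    if is_swf(data):
        return False, "SWF content regardless of extension"
    declared = declared_type(filename)
    if declared not in IMAGE_MAGICS:
        return False, f"extension .{declared or '(none)'} is not an allowed image type"
    actual = sniff_image_type(data)
    if actual != declared:
        return False, f"content looks like {actual or 'unknown'}, not {declared}"
    return True, "ok"


def download_headers(filename: str, data: bytes) -> dict[str, str]:
    """Response headers for serving a stored upload back to a browser.

    Inline display is offered only to uploads that pass validation; anything
    else is sent as a generic attachment so the client has no reason to treat
    it as active content. nosniff is added for browsers that honour it.
    """
    accepted, _ = validate_upload(filename, data)
    if accepted:
        ctype = CONTENT_TYPES[declared_type(filename)]
        disposition = "inline"
    else:
        ctype = "application/octet-stream"
        disposition = "attachment"
    safe_name = os.path.basename(filename).replace('"', "")
    return {
        "Content-Type": ctype,
        "Content-Disposition": f'{disposition}; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    for name, blob in (("screenshot.png", SAMPLE_SWF), ("screenshot.png", SAMPLE_PNG)):
        print(name, validate_upload(name, blob), download_headers(name, blob)["Content-Disposition"])
```

The ordering matters: the SWF check runs before the extension check so that a renamed Flash file is reported for what it is, and a file whose bytes and extension disagree in any other way is rejected rather than silently re-typed. Validation at upload time is the fix; the attachment fallback is defence in depth for files that were stored before the check existed.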
Created mantis tracking bugs for this issue:

Affects: fedora-all [bug 1170198]
*** This bug has been marked as a duplicate of bug 1170192 ***
This issue is tracked along with 1170192 under a single CVE: CVE-2014-9271

http://seclists.org/oss-sec/2014/q4/902
As per MITRE, this should be tracked as CVE-2014-9271; 1170192 is CVE-2014-9281.

http://seclists.org/oss-sec/2014/q4/924

Re-opening.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.