Debian Security Advisory

DLA-1063-1 extplorer -- LTS security update

Date Reported:
21 Aug 2017
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2017-12756.
More information:
  • CVE-2017-12756

    Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter.

For Debian 7 Wheezy, these problems have been fixed in version 2.1.0b6+dfsg.3-4+deb7u5.

We recommend that you upgrade your extplorer packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: