← Zuruck zu CVEs
CVE-2005-0254
LOW3.7
Beschreibung
BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some users into downloading and executing those files.
CVE Details
CVSS v3.1 Bewertung3.7
SchweregradLOW
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht5/2/2005
Zuletzt geandert4/16/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
guillaumegardey:biborb
Schwachen (CWE)
CWE-434CWE-434
Referenzen
http://marc.info/?l=bugtraq&m=110868948719773&w=2(cve@mitre.org)
http://marc.info/?l=full-disclosure&m=110864983905770&w=2(cve@mitre.org)
http://www.securityfocus.com/bid/12583(cve@mitre.org)
http://marc.info/?l=bugtraq&m=110868948719773&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=full-disclosure&m=110864983905770&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12583(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.