← Retour aux CVEs
CVE-2005-0254
LOW3.7
Description
BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some users into downloading and executing those files.
Details CVE
Score CVSS v3.13.7
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisNONE
Interaction utilisateurNONE
Publie5/2/2005
Derniere modification4/16/2026
Sourcenvd
Observations honeypot0
Produits affectes
guillaumegardey:biborb
Faiblesses (CWE)
CWE-434CWE-434
References
http://marc.info/?l=bugtraq&m=110868948719773&w=2(cve@mitre.org)
http://marc.info/?l=full-disclosure&m=110864983905770&w=2(cve@mitre.org)
http://www.securityfocus.com/bid/12583(cve@mitre.org)
http://marc.info/?l=bugtraq&m=110868948719773&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=full-disclosure&m=110864983905770&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12583(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.