Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0223

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0223
Last Modified 10 Sep 2008 08:00:44
Published 16 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0223

Summary

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension.

Vulnerable Systems

Application

  • Infopop Ultimate Bulletin Board 5.4

  • Wired Community Software Wwwthreads 5.0

  • Wired Community Software Wwwthreads 5.0.6

  • Wired Community Software Wwwthreads 5.0.8

  • Wired Community Software Wwwthreads 5.0.9


References

XF - ubbthreads-file-upload(8022)

BUGTRAQ - 20020130 [ WWWThreads, UBBThreads ] Security Hole in upload system

BID - 3993


Last Updated: 27 May 2016 10:36:50