Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0104

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0104
Last Modified 05 Sep 2008 04:33:29
Published 18 Mar 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0104

Summary

Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.

Vulnerable Systems

Application

  • Peoplesoft Peopletools 8.10

  • Peoplesoft Peopletools 8.11

  • Peoplesoft Peopletools 8.12

  • Peoplesoft Peopletools 8.13

  • Peoplesoft Peopletools 8.14

  • Peoplesoft Peopletools 8.15

  • Peoplesoft Peopletools 8.16

  • Peoplesoft Peopletools 8.17

  • Peoplesoft Peopletools 8.18

  • Peoplesoft Peopletools 8.40

  • Peoplesoft Peopletools 8.41


References

BID - 7053

XF - peoplesoft-schedulertransfer-create-files(10962)

ISS - 20030310 PeopleSoft PeopleTools Remote Command Execution Vulnerability


Last Updated: 27 May 2016 10:37:47