Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0613

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0613
Last Modified 07 Mar 2011 09:16:04
Published 06 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0613

Summary

osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.

Vulnerable Systems

Application

  • Osticket Sts 1.2


References

BID - 10586

BUGTRAQ - 20040621 Multiple osTicket exploits!

XF - osticket-view-attachments(16478)

XF - osticket-php-file-upload(16477)


Last Updated: 27 May 2016 10:38:40