Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2262

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2262
Last Modified 10 Sep 2008 03:33:22
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2262

Summary

ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.

Vulnerable Systems

Application

  • E107 0.545

  • E107 0.554

  • E107 0.555 Beta

  • E107 0.603

  • E107 0.610

  • E107 0.611

  • E107 0.612

  • E107 0.613

  • E107 0.614

  • E107 0.615

  • E107 0.615a

  • E107 0.616


References

MISC - http://e107.org/comment.php?comment.news.672

XF - e107-images-file-upload(18670)

BID - 12111

OSVDB - 12586

SECTRACK - 1012657

SECUNIA - 13657

MILW0RM - 704


Last Updated: 27 May 2016 10:39:24