Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0200

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0200
Last Modified 24 Oct 2012 12:00:00
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0200

Summary

TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386.

Vulnerable Systems

Application

  • Tikiwiki Cms%2fgroupware 1.6.1

  • Tikiwiki Project Tikiwiki 1.8

  • Tikiwiki Project Tikiwiki 1.8.1

  • Tikiwiki Project Tikiwiki 1.8.2

  • Tikiwiki Project Tikiwiki 1.8.3

  • Tikiwiki Project Tikiwiki 1.8.4

  • Tikiwiki Project Tikiwiki 1.8.4.1


References

GENTOO - GLSA-200501-41

CONFIRM - http://tikiwiki.org/art102

SECUNIA - 13948


Last Updated: 27 May 2016 10:39:18