Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1868

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1868
Last Modified 05 Sep 2008 04:50:17
Published 09 Jun 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1868

Summary

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.

Vulnerable Systems

Application

  • I-man 0.2

  • I-man 0.3

  • I-man 0.4

  • I-man 0.5

  • I-man 0.6

  • I-man 0.7

  • I-man 0.8

  • I-man 0.9


References

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=331422

SECUNIA - 15558

XF - iman-file-upload(20857)


Last Updated: 27 May 2016 10:40:18