Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3021

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-3021
Last Modified 05 Sep 2008 04:53:15
Published 21 Sep 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3021

Summary

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

Vulnerable Systems

Application

  • Jelsoft Vbulletin 1.0.1

  • Jelsoft Vbulletin 2.0 Rc2

  • Jelsoft Vbulletin 2.0 Rc3

  • Jelsoft Vbulletin 2.0.3

  • Jelsoft Vbulletin 2.2.0

  • Jelsoft Vbulletin 2.2.1

  • Jelsoft Vbulletin 2.2.2

  • Jelsoft Vbulletin 2.2.3

  • Jelsoft Vbulletin 2.2.4

  • Jelsoft Vbulletin 2.2.5

  • Jelsoft Vbulletin 2.2.6

  • Jelsoft Vbulletin 2.2.7

  • Jelsoft Vbulletin 2.2.8

  • Jelsoft Vbulletin 2.2.9

  • Jelsoft Vbulletin 2.3.0

  • Jelsoft Vbulletin 2.3.2

  • Jelsoft Vbulletin 2.3.3

  • Jelsoft Vbulletin 2.3.4

  • Jelsoft Vbulletin 3.0

  • Jelsoft Vbulletin 3.0 Beta 2

  • Jelsoft Vbulletin 3.0 Beta 3

  • Jelsoft Vbulletin 3.0 Beta 4

  • Jelsoft Vbulletin 3.0 Beta 5

  • Jelsoft Vbulletin 3.0 Beta 6

  • Jelsoft Vbulletin 3.0 Beta 7

  • Jelsoft Vbulletin 3.0 Gamma

  • Jelsoft Vbulletin 3.0.1

  • Jelsoft Vbulletin 3.0.2

  • Jelsoft Vbulletin 3.0.3

  • Jelsoft Vbulletin 3.0.4

  • Jelsoft Vbulletin 3.0.5

  • Jelsoft Vbulletin 3.0.6

  • Jelsoft Vbulletin 3.0.7

  • Jelsoft Vbulletin 3.0.8

  • Jelsoft Vbulletin 3.0.9


References

SECUNIA - 16873

MISC - http://morph3us.org/advisories/20050917-vbulletin-3.0.8.txt

BUGTRAQ - 20050918 [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of)

XF - vbulletin-image-file-upload(22325)


Last Updated: 27 May 2016 10:40:43