Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3764

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-3764
Last Modified 05 Sep 2008 04:55:13
Published 22 Nov 2005 06:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3764

Summary

The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML.

Vulnerable Systems

Application

  • Exponent 0.94

  • Exponent 0.95

  • Exponent 0.96.1

  • Exponent 0.96.3

  • Exponent 0.96.4


References

BUGTRAQ - 20051119 [security - exponentcms]

SECUNIA - 17655


Last Updated: 27 May 2016 10:41:02