Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3767

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3767
Last Modified 05 Sep 2008 04:55:14
Published 22 Nov 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3767

Summary

Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files.

Vulnerable Systems

Application

  • Exponent 0.94

  • Exponent 0.95

  • Exponent 0.96.1

  • Exponent 0.96.3

  • Exponent 0.96.4


References

BUGTRAQ - 20051119 [security - exponentcms]

SECUNIA - 17655

XF - exponent-image-code-execution(23113)

BID - 15391

SECUNIA - 17505


Last Updated: 27 May 2016 10:41:02