Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5857

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-5857
Last Modified 15 Aug 2009 01:17:19
Published 06 Jan 2009 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-5857

Summary

The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.

Vulnerable Systems

Application

  • Knowledgetree Document Management 3.0.0

  • Knowledgetree Document Management 3.0.1

  • Knowledgetree Document Management 3.0.2

  • Knowledgetree Document Management 3.0.3

  • Knowledgetree Document Management 3.0.3a

  • Knowledgetree Document Management 3.0.3b

  • Knowledgetree Document Management 3.1

  • Knowledgetree Document Management 3.1a

  • Knowledgetree Document Management 3.1b

  • Knowledgetree Document Management 3.3

  • Knowledgetree Document Management 3.3.1

  • Knowledgetree Document Management 3.3.2

  • Knowledgetree Document Management 3.3.3

  • Knowledgetree Document Management 3.3.4

  • Knowledgetree Document Management 3.3.5

  • Knowledgetree Document Management 3.3.6

  • Knowledgetree Document Management 3.3.7

  • Knowledgetree Document Management 3.4

  • Knowledgetree Document Management 3.4.1

  • Knowledgetree Document Management 3.4.2

  • Knowledgetree Document Management 3.4.3

  • Knowledgetree Document Management 3.4.4

  • Knowledgetree Document Management 3.4.5

  • Knowledgetree Document Management 3.4.6

  • Knowledgetree Document Management 3.4a

  • Knowledgetree Document Management 3.5.2

  • Knowledgetree Document Management 3.5.2a

  • Knowledgetree Document Management 3.5.2b

  • Knowledgetree Document Management 3.5.2c

  • Knowledgetree Document Management 3.5.3

  • Knowledgetree Document Management 3.5.4


References

BID - 32920

SECUNIA - 33277

XF - knowledgetree-dropdocuments-priv-escalation(47530)

CONFIRM - http://wiki.knowledgetree.com/Version_3.5.4a#Security

CONFIRM - http://issues.knowledgetree.com/browse/KTS-3921


Last Updated: 27 May 2016 10:48:57