Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1314

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1314
Last Modified 13 May 2009 01:27:48
Published 16 Apr 2009 08:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1314

Summary

body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.

Vulnerable Systems

Application

  • Webfileexplorer Web File Explorer 3.1


References

XF - webfileexplorer-body-code-execution(50389)

MILW0RM - 8382


Last Updated: 27 May 2016 10:50:32