CVE-2004-2663

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder.

Ссылки

http://marc.info/?l=bugtraq&m=108746693619324&w=2
http://marc.info/?l=full-disclosure&m=108741557604568&w=2
http://research.eeye.com/html/advisories/published/AD20040615B.html
http://secunia.com/advisories/11072
http://www.eeye.com/html/research/advisories/AD20040615B.html
Exploit
Patch
Vendor Advisory
http://www.osvdb.org/7090
http://www.securityfocus.com/bid/10562
https://exchange.xforce.ibmcloud.com/vulnerabilities/16428
http://marc.info/?l=bugtraq&m=108746693619324&w=2
http://marc.info/?l=full-disclosure&m=108741557604568&w=2
http://research.eeye.com/html/advisories/published/AD20040615B.html
http://secunia.com/advisories/11072
http://www.eeye.com/html/research/advisories/AD20040615B.html
Exploit
Patch
Vendor Advisory
http://www.osvdb.org/7090
http://www.securityfocus.com/bid/10562
https://exchange.xforce.ibmcloud.com/vulnerabilities/16428

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:egatherer:2.0.0.16:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01685

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h268-8cw3-p2xg

github

почти 4 года назад