CVE-2005-3765

Опубликовано: 22 нояб. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code.

Ссылки

http://secunia.com/advisories/17505
http://secunia.com/advisories/17655
Vendor Advisory
http://www.securityfocus.com/archive/1/417218
Vendor Advisory
http://www.securityfocus.com/bid/15503
http://secunia.com/advisories/17505
http://secunia.com/advisories/17655
Vendor Advisory
http://www.securityfocus.com/archive/1/417218
Vendor Advisory
http://www.securityfocus.com/bid/15503

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:exponent:exponent:0.94:*:*:*:*:*:*:*

cpe:2.3:a:exponent:exponent:0.95:*:*:*:*:*:*:*

cpe:2.3:a:exponent:exponent:0.96.1:*:*:*:*:*:*:*

cpe:2.3:a:exponent:exponent:0.96.3:*:*:*:*:*:*:*

cpe:2.3:a:exponent:exponent:0.96.4:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.017

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gp9r-8xcc-jcx5

github

почти 4 года назад