Lucene search

[email protected]CVE-2000-0769

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0769

2000-10-2004:00:00

[email protected]

web.nvd.nist.gov

o'reilly website pro

uploader.exe

cve-2000-0769

remote attack

execution permissions.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.6%

JSON

O’Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe.

Affected configurations

NVD

Node

oreillywebsite_proRange≤2.3.7

CPENameOperatorVersion
oreilly:website_prooreilly website prole2.3.7

CPE	Name	Operator	Version
oreilly:website_pro	oreilly website pro	le	2.3.7

References

marc.info/?l=bugtraq&m=96715834610888&w=2

www.securityfocus.com/bid/1611

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.6%

JSON

Related for CVE-2000-0769

nvd1 cvelist1