Lucene search

[email protected]CVE-2002-0223

HistoryMay 16, 2002 - 4:00 a.m.

CVE-2002-0223

2002-05-1604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

infopop ubb.threads

wwwthreads

file upload

vulnerability

security breach

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension.

CPENameOperatorVersion
wired_community_software:wwwthreadswired community software wwwthreadseq5.0.6
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq5.4
wired_community_software:wwwthreadswired community software wwwthreadseq5.0
wired_community_software:wwwthreadswired community software wwwthreadseq5.0.9
wired_community_software:wwwthreadswired community software wwwthreadseq5.0.8

CPE	Name	Operator	Version
wired_community_software:wwwthreads	wired community software wwwthreads	eq	5.0.6
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	5.4
wired_community_software:wwwthreads	wired community software wwwthreads	eq	5.0
wired_community_software:wwwthreads	wired community software wwwthreads	eq	5.0.9
wired_community_software:wwwthreads	wired community software wwwthreads	eq	5.0.8

References

online.securityfocus.com/archive/1/253172

www.iss.net/security_center/static/8022.php

www.securityfocus.com/bid/3993

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON