Lucene search

[email protected]CVE-2004-0959

HistoryNov 03, 2004 - 5:00 a.m.

CVE-2004-0959

2004-11-0305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

php

rfc1867.c

vulnerability

file upload

security

php 5.0.2

cve-2004-0959

8.7 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

14.4%

JSON

rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the “$_FILES” array to be modified.

CPENameOperatorVersion
php:phpphple5.0.2

CPE	Name	Operator	Version
php:php	php	le	5.0.2

References

archives.neohapsis.com/archives/vulnwatch/2004-q3/0054.html

marc.info/?l=bugtraq&m=109534848430404&w=2

secunia.com/advisories/12560/

securitytracker.com/id?1011307

www.redhat.com/support/errata/RHSA-2004-687.html

bugzilla.fedora.us/show_bug.cgi?id=2344

exchange.xforce.ibmcloud.com/vulnerabilities/17392

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10961

8.7 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

14.4%

JSON

Related for CVE-2004-0959

ubuntucve1 nessus3 openvas1 checkpoint_advisories1 redhat1