Lucene search

[email protected]CVE-2008-0473

HistoryJan 29, 2008 - 8:00 p.m.

CVE-2008-0473

2008-01-2920:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve

web wiz rich text editor

remote attack

file upload

security vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.2%

JSON

RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload (1) .html and (2) .htm files via unspecified vectors.

Affected configurations

NVD

Node

web_wizrich_text_editorMatch4.0

CPENameOperatorVersion
web_wiz:rich_text_editorweb wiz rich text editoreq4.0

CPE	Name	Operator	Version
web_wiz:rich_text_editor	web wiz rich text editor	eq	4.0

References

securityreason.com/securityalert/3584

www.bugreport.ir/?/31

www.securityfocus.com/archive/1/486868/100/0/threaded

www.securityfocus.com/bid/27419

www.securityfocus.com/bid/27420

www.securitytracker.com/id?1019267

www.exploit-db.com/exploits/4971

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.2%

JSON

Related for CVE-2008-0473

cvelist1 prion1 nvd1