Lucene search

[email protected]NVD:CVE-2015-0877

HistoryApr 06, 2015 - 1:59 a.m.

CVE-2015-0877

2015-04-0601:59:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.019

Percentile

88.5%

JSON

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a \0 character in its name.

Affected configurations

Nvd

Node

c-board_moyuku_projectc-board_moyukuRange≤1.03b2

c-board_moyuku_projectc-board_moyukuMatch1.01b1

c-board_moyuku_projectc-board_moyukuMatch1.01b2

c-board_moyuku_projectc-board_moyukuMatch1.01b3

c-board_moyuku_projectc-board_moyukuMatch1.01b4

c-board_moyuku_projectc-board_moyukuMatch1.01b6

c-board_moyuku_projectc-board_moyukuMatch1.02b1

c-board_moyuku_projectc-board_moyukuMatch1.03b1

VendorProductVersionCPE
c-board_moyuku_projectc-board_moyuku*cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:*:b2:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.01cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b1:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.01cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b2:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.01cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b3:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.01cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b4:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.01cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b6:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.02cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.02:b1:*:*:*:*:*:*
c-board_moyuku_projectc-board_moyuku1.03cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.03:b1:*:*:*:*:*:*

Vendor	Product	Version	CPE
c-board_moyuku_project	c-board_moyuku	*	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku::b2::::::*
c-board_moyuku_project	c-board_moyuku	1.01	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b1::::::
c-board_moyuku_project	c-board_moyuku	1.01	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b2::::::
c-board_moyuku_project	c-board_moyuku	1.01	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b3::::::
c-board_moyuku_project	c-board_moyuku	1.01	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b4::::::
c-board_moyuku_project	c-board_moyuku	1.01	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.01:b6::::::
c-board_moyuku_project	c-board_moyuku	1.02	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.02:b1::::::
c-board_moyuku_project	c-board_moyuku	1.03	cpe:2.3:a:c-board_moyuku_project:c-board_moyuku:1.03:b1::::::

References

jvn.jp/en/jp/JVN73261710/index.html

jvndb.jvn.jp/jvndb/JVNDB-2015-000018

sourceforge.jp/projects/cb-moyuku/news/

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.019

Percentile

88.5%

JSON

Related for NVD:CVE-2015-0877

cvelist1 cve1 prion1 jvn1