CVE-2005-4171

{"id": "CVE-2005-4171", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2005-12-11T21:03:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://rgod.altervista.org/efiction2_xpl.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17777", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015273", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/21124", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15568", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rgod.altervista.org/efiction2_xpl.html", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/17777", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015273", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.efiction.wallflowergirl.com/forums/viewtopic.php?t=1555", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/21124", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/15568", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The \"Upload new image\" command in the \"Manage Images\" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP code within the file."}, {"lang": "es", "value": "La orden \"Upload new image\" (Subir nueva imagen) en \"Manage Images\" (Gestionar im\u00e1genes) de eFiction 1.1, cuando se permite a los miembros subir im\u00e1genes, permite a atacantes remotos ejecutar PHP de su elecci\u00f3n subiendo un fichero con extensi\u00f3n .php que contiene una cabecera GIF, que pasa la comprobaci\u00f3n de validaci\u00f3n de imagen pero ejecuta cualquier c\u00f3digo PHP en el fichero."}], "lastModified": "2024-11-21T00:03:37.393", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:efiction_project:efiction:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1234166D-F9ED-41DA-B08F-21E6B96AC43B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}