BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some users into downloading and executing those files.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-02-17T05:00:00
Updated: 2024-08-07T21:05:25.478Z
Reserved: 2005-02-09T00:00:00
Link: CVE-2005-0254
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2005-05-02T04:00:00.000
Modified: 2024-02-02T16:44:39.910
Link: CVE-2005-0254
Redhat
No data.