Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2010-1195 | Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 14 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T01:14:06.696Z
Reserved: 2010-03-29T00:00:00
Link: CVE-2010-1165

No data.

Status : Deferred
Published: 2010-04-20T15:30:00.553
Modified: 2025-04-11T00:51:21.963
Link: CVE-2010-1165

No data.

No data.