CVE-2005-4855

Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files, as demonstrated by .js files, which may enable cross-site scripting (XSS) attacks or other attacks.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0	Vendor Advisory
http://issues.ez.no/5984	Vendor Advisory
http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0	Vendor Advisory
http://issues.ez.no/5984	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ez:ez_publish::::::::
	cpe:2.3:a:ez:ez_publish::::::::
	cpe:2.3:a:ez:ez_publish:3.7.0:rc1::::::
	cpe:2.3:a:ez:ez_publish:3.8.0:::::::*

History

21 Nov 2024, 00:05

Type	Values Removed	Values Added
References	~~() http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0 - Vendor Advisory~~	() http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0 - Vendor Advisory
References	~~() http://issues.ez.no/5984 - Vendor Advisory~~	() http://issues.ez.no/5984 - Vendor Advisory

Information

Published : 2005-12-31 05:00

Updated : 2024-11-21 00:05

NVD link : CVE-2005-4855

Mitre link : CVE-2005-4855

CVE.ORG link : CVE-2005-4855

JSON object : View

Products Affected

ez

ez_publish

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2005-4855", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2005-12-31T05:00:00.000", "references": [{"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://issues.ez.no/5984", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://issues.ez.no/5984", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files, as demonstrated by .js files, which may enable cross-site scripting (XSS) attacks or other attacks."}], "lastModified": "2024-11-21T00:05:20.610", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D74B745-1ADF-42D7-8EF5-42CAE621AA5F", "versionEndExcluding": "3.5.5", "versionStartIncluding": "3.5.0"}, {"criteria": "cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D82DD56-F9C1-42E3-ACBE-1E728C2526F9", "versionEndExcluding": "3.6.2", "versionStartIncluding": "3.6.0"}, {"criteria": "cpe:2.3:a:ez:ez_publish:3.7.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "365205E7-B022-45C6-999D-BD080EF8C123"}, {"criteria": "cpe:2.3:a:ez:ez_publish:3.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB054C0B-3D03-4452-97EA-E89C9E524C49"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}