|
|
CVE Reference: CVE-2007-3163 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3163 |
|
|
Description: Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/34982 SAID Secunia Advisory: SA25719 Secunia Advisory: SA25923 MISC http://www.bitchiller.de/?p=20 http://ha.ckers.org/blog/20070606/additional-image-bypass-on-windows/ CONFIRM http://sourceforge.net/project/shownotes.php?release_id=520159 BID 24510 |
|
| Return to the previous page. |
