PT-2000-1701 · O'Reilly · O'Reilly Website Pro

Publicado

2000-10-20

Atualizado

2016-10-18

CVE-2000-0769

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions O'Reilly WebSite Pro version 2.3.7

Description The issue allows remote attackers to create and execute arbitrary files by directly calling the uploader.exe program, which is installed with execute permissions for all users.

Recommendations For O'Reilly WebSite Pro version 2.3.7, consider removing execute permissions for all users from the uploader.exe program to prevent unauthorized access. As a temporary workaround, restrict access to the uploader.exe program until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2000-0769

Produtos afetados

O'Reilly Website Pro

PT-2000-1701 · O'Reilly · O'Reilly Website Pro

CVE-2000-0769

Identificadores relacionados

Produtos afetados

Referências · 4