PT-2007-4535 · Xythos · Webfile Server+2

Publicado

2007-06-27

Atualizado

2018-10-16

CVE-2007-3256

CVSS v2.0

4.0

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Xythos Enterprise Document Manager (XEDM) versions prior to 6.0.46.1 Digital Locker (XDL) versions prior to 6.0.46.1 WebFile Server versions prior to 6.0.46.1

Description The issue allows remote authenticated users to associate arbitrary Content-Type HTTP headers with documents. This could potentially facilitate malware distribution.

Recommendations For Xythos Enterprise Document Manager (XEDM) versions prior to 6.0.46.1, update to version 6.0.46.1 or later. For Digital Locker (XDL) versions prior to 6.0.46.1, update to version 6.0.46.1 or later. For WebFile Server versions prior to 6.0.46.1, update to version 6.0.46.1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-3256

Produtos afetados

Digital Locker

Webfile Server

Xythos Enterprise Document Manager

PT-2007-4535 · Xythos · Webfile Server+2

CVE-2007-3256

Identificadores relacionados

Produtos afetados

Referências · 10