PT-2007-4535 · Xythos · Webfile Server+2

Published

2007-06-27

Updated

2018-10-16

CVE-2007-3256

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Xythos Enterprise Document Manager (XEDM) versions prior to 6.0.46.1 Digital Locker (XDL) versions prior to 6.0.46.1 WebFile Server versions prior to 6.0.46.1

Description The issue allows remote authenticated users to associate arbitrary Content-Type HTTP headers with documents. This could potentially facilitate malware distribution.

Recommendations For Xythos Enterprise Document Manager (XEDM) versions prior to 6.0.46.1, update to version 6.0.46.1 or later. For Digital Locker (XDL) versions prior to 6.0.46.1, update to version 6.0.46.1 or later. For WebFile Server versions prior to 6.0.46.1, update to version 6.0.46.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-3256

Affected Products

Digital Locker

Webfile Server

Xythos Enterprise Document Manager

PT-2007-4535 · Xythos · Webfile Server+2

CVE-2007-3256

Related Identifiers

Affected Products

References · 10