CVE-2007-3163

Published: 11/06/2007 Updated: 14/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote malicious users to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.

Vulnerable Product

frederico caldeira knabben fckeditor 2.4.2

Vendor Advisories

Debian Bug report logs - #429204 [CVE-2007-3163, CVE-2006-6978 etc] FCKEditor issues
Package: knowledgeroot
Maintainer for knowledgeroot is (unknown)
Reported by: Florian Weimer <fw@denebenyode>
Date: Sat, 16 Jun 2007 10:03:06 UTC
Severity: grave
Tags: security
Fixed in version knowledgeroot/0982-2
Done: Frank Ha ...