Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv2

CVE-2014-3088

Published: 01/07/2014 Updated: 07/01/2017
CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8
VMScore: 490
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Subscribe to Ibm

Vulnerability Summary

stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to bypass intended upload restrictions by modifying the Content-Type header and file extension, as demonstrated by replacing a text/plain .txt upload with an application/octet-stream .exe upload.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ibm sametime meeting server 8.5.1

Exploits

Exploit DB: IBM Sametime Meet Server 8.5 Arbitrary File Upload
IBM Sametime Meet Server version 88 suffers from a remote arbitrary file upload vulnerability ...

References

CWE-264http://www.securityfocus.com/bid/68291http://packetstormsecurity.com/files/127294http://packetstormsecurity.com/files/127829/IBM-Sametime-Meet-Server-8.5-Arbitrary-File-Upload.htmlhttp://linux.oracle.com/errata/ELSA-2014-0747.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/127829/IBM-Sametime-Meet-Server-8.5-Arbitrary-File-Upload.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionCVE-2024-34909CVE-2024-3317SSTICVE-2024-3400CVE-2024-30051wirelessCVE-2024-4622CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook