7.5
CVE-2003-0950
- EPSS 2.06%
- Veröffentlicht 15.12.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:13
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginPeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Peoplesoft ≫ Peopletools Version8.4
Peoplesoft ≫ Peopletools Version8.10
Peoplesoft ≫ Peopletools Version8.11
Peoplesoft ≫ Peopletools Version8.12
Peoplesoft ≫ Peopletools Version8.13
Peoplesoft ≫ Peopletools Version8.14
Peoplesoft ≫ Peopletools Version8.15
Peoplesoft ≫ Peopletools Version8.16
Peoplesoft ≫ Peopletools Version8.17
Peoplesoft ≫ Peopletools Version8.18
Peoplesoft ≫ Peopletools Version8.19
Peoplesoft ≫ Peopletools Version8.20
Peoplesoft ≫ Peopletools Version8.40
Peoplesoft ≫ Peopletools Version8.41
Peoplesoft ≫ Peopletools Version8.42
Peoplesoft ≫ Peopletools Version8.43
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.06% | 0.788 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/bid/9041
http://xforce.iss.net/xforce/alerts/id/157
https://exchange.xforce.ibmcloud.com/vulnerabilities/12805