admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2005/CVE-2005-34xx/CVE-2005-3430.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

154 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2005-3430",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-11-02T11:02:00.000",
"lastModified": "2024-11-21T00:01:52.943",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx, which are not filtered like the .asp extension."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.1.21",
"matchCriteriaId": "CF85F655-3BC7-4804-8E00-FAD19B9E6620"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockliffe:mailsite_express:6.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A63D4D75-76B2-4566-B91E-3FB1AD1BACEA"
}
]
}
]
}
],
"references": [
{
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=113053680631151&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/17240/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1015117",
"source": "cve@mitre.org"
},
{
"url": "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/15230",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22907",
"source": "cve@mitre.org"
},
{
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=113053680631151&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/17240/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1015117",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/15230",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22907",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink