CVE-2008-4549

Sažetak

The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method.

Reference

http://osvdb.org/40628
http://secunia.com/advisories/28644
http://securityreason.com/securityalert/4410
http://www.securityfocus.com/archive/1/486941/100/200/threaded
http://www.securityfocus.com/bid/27439
https://exchange.xforce.ibmcloud.com/vulnerabilities/39921
https://www.exploit-db.com/exploits/4981

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-10-2018 - 20:52

Objavljeno

14-10-2008 - 18:12