CVE-2014-3088

stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to bypass intended upload restrictions by modifying the Content-Type header and file extension, as demonstrated by replacing a text/plain .txt upload with an application/octet-stream .exe upload.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
ibmsametime_meeting_server
8.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://linux.oracle.com/errata/ELSA-2014-0747.html
http://packetstormsecurity.com/files/127294
http://packetstormsecurity.com/files/127829/IBM-Sametime-Meet-Server-8.5-Arbitrary-File-Upload.html
http://www.securityfocus.com/bid/68291
http://linux.oracle.com/errata/ELSA-2014-0747.html
http://packetstormsecurity.com/files/127294
http://packetstormsecurity.com/files/127829/IBM-Sametime-Meet-Server-8.5-Arbitrary-File-Upload.html
http://www.securityfocus.com/bid/68291