CVE-2006-1704
published 2006-04-11CVE-2006-1704: Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.
PriorityP336medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
2.38%
81.8th percentile
Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hubert_plisson | sire | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2005-1704 Integer overflow in libelf
bugzilla·2005-06-09·CVSS 4.6
CVE-2005-1704 [MEDIUM] CVE-2005-1704 Integer overflow in libelf
CVE-2005-1704 Integer overflow in libelf
+++ This bug was initially created as a clone of Bug #159888 +++
Integer overflow in libelf allows attackers to
execute arbitrary code via a crafted object file that specifies a large number
of section headers, leading to a heap-based buffer overflow.
Discussion:
Fixes are in 0.94.1-1 build.
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0368.html
Bugzilla
CVE-2005-1704 Integer overflow in libelf
bugzilla·2005-06-08·CVSS 4.6
CVE-2005-1704 [MEDIUM] CVE-2005-1704 Integer overflow in libelf
CVE-2005-1704 Integer overflow in libelf
Integer overflow in the BFD library for libelf before 6.3 allows attackers to
execute arbitrary code via a crafted object file that specifies a large number
of section headers, leading to a heap-based buffer overflow.
Discussion:
This issue should also affect RHEL2.1 and RHEL3
---
elfutils is not in RHEL2.1, my mistake.
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2006-0354.html
http://securitytracker.com/id?1015885http://www.securityfocus.com/archive/1/430301/100/0/threadedhttp://www.securityfocus.com/bid/17431https://exchange.xforce.ibmcloud.com/vulnerabilities/25727http://securitytracker.com/id?1015885http://www.securityfocus.com/archive/1/430301/100/0/threadedhttp://www.securityfocus.com/bid/17431https://exchange.xforce.ibmcloud.com/vulnerabilities/25727
2006-04-11
Published