CVE-2009-4373

Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in ossiminstall/uploads/.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-1:*:*:*:*:*:*:*
cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-2:*:*:*:*:*:*:*
cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-3:*:*:*:*:*:*:*

Information

Published : 2009-12-21 08:30

Updated : 2010-06-28 21:00


NVD link : CVE-2009-4373

Mitre link : CVE-2009-4373


JSON object : View

Advertisement

dedicated server usa

Products Affected

alienvault

  • open_source_security_information_management