Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.
References
Link | Resource |
---|---|
http://zerodayinitiative.com/advisories/ZDI-12-106/ | |
https://downloads.avaya.com/css/P8/documents/100164021 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:22
Updated: 2022-10-03T16:15:22
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-3811
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-07-03T19:55:04.663
Modified: 2012-07-17T04:00:00.000
Link: CVE-2012-3811
JSON object: View
Redhat Information
No data.
CWE