The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives.
References
Link | Resource |
---|---|
http://jvn.jp/en/jp/JVN16406395/360573/index.html | Vendor Advisory |
http://jvn.jp/en/jp/JVN16406395/index.html | Vendor Advisory |
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000143 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2014-12-12T00:00:00
Updated: 2014-12-12T00:57:00
Reserved: 2014-09-30T00:00:00
Link: CVE-2014-7260
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-12-12T00:59:00.170
Modified: 2014-12-12T20:30:27.993
Link: CVE-2014-7260
JSON object: View
Redhat Information
No data.
CWE