CVE-2018-18966 - OpenCVE

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but Internet Explorer render HTML elements in a .eml file.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Internet Explorer
Oscommerce	Online Merchant

Configuration 1 [-]

AND

cpe:2.3:a:oscommerce:online_merchant:2.3.4.1:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/osCommerce/oscommerce2/issues/631	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-11-06T04:00:00

Updated: 2018-11-06T04:57:01

Reserved: 2018-11-05T00:00:00

Link: CVE-2018-18966

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-11-06T04:29:00.317

Modified: 2020-08-24T17:37:01.140

Link: CVE-2018-18966

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oscommerce:online_merchant:2.3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "187F2439-73A2-4EEC-B546-FF30600B848D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*", "matchCriteriaId": "C37BA825-679F-4257-9F2B-CE2318B75396", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the \"product\" page. The .htaccess file in catalog/images/ bans the html extension, but Internet Explorer render HTML elements in a .eml file."}, {"lang": "es", "value": "osCommerce 2.3.4.1 tiene un \".htaccess\" incompleto para el filtrado de lista negra en la p\u00e1gina \"product\". El archivo .htaccess en catalog/images/ bloquea la extensi\u00f3n html, pero Internet Explorer renderiza los elementos HTML en un archivo .eml."}], "id": "CVE-2018-18966", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-06T04:29:00.317", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/osCommerce/oscommerce2/issues/631"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}