CVE-2003-0950
Published Dec 15, 2003
Last updated 7 years ago
Overview
- Description
- PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70B618A8-48AF-4193-BCD8-7B0F24923860"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE31EA39-F6EE-4FC6-A64F-74E1364A84C3"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5611ED3-9504-469C-A33D-D6AB31971BE5"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "030FF50A-1D1D-4D7D-964E-2F2CA3980C27"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D113AFE-BEF6-4557-B814-073F56912667"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9ADCBDC1-C291-4978-95CC-2955AF9F0149"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "623DDE5E-20CF-4002-A532-E1B0171FF0C5"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55820FF1-2A48-4699-8C90-90CBC0C2D6A4"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAD1CF68-901D-4366-81F1-20E561BEB405"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B7B6AF6-2C2B-4186-911A-63D7CCE34E79"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A132448-0960-4878-9947-8F0B07C2E516"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15C45E32-CDEB-4AB2-B3BB-1F399F98E0B7"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "805FBA0A-0B52-4E61-A45C-E2C9AD48E555"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F94A7F77-D984-49BD-B59E-EBBC91C56C66"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD78CC13-C007-4AB1-912E-16B37D1D55CD"
},
{
"criteria": "cpe:2.3:a:peoplesoft:peopletools:8.43:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECCB21D3-4FCB-4F0E-8430-B587512D04ED"
}
],
"operator": "OR"
}
]
}
]