CVE-2009-4140
Published Dec 22, 2009
Last updated 5 years ago
Overview
- Description
- Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:beta_1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAFD137D-4772-49C4-8EDE-74F838BFB1D2"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:gamera:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9FC6227-6C33-4533-9263-C43CC218E314"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:hyperion:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AE13D32-E4A6-4274-9AAF-8CFB37E0CC4E"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:ichor:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFFC03CB-7773-4CAF-AF9D-E2F50FDB8F1F"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:j_rmungandr:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C0AEFA3-7433-4A79-BED0-0C44FBB916BC"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:j_rmungandr-2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C544F30-E14B-4B34-B8E8-6F984ECEF72A"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:kvasir:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "139C1538-502B-41FC-9DB7-229F5FD3A939"
},
{
"criteria": "cpe:2.3:a:teethgrinder.co.uk:open_flash_chart:2.0:lug_wyrm_charmer:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "014A2738-B528-472F-8E0F-A206F9D423C3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:matomo:matomo:0.2.37:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0FD1280-C769-4B8D-B0F4-26B405E080CA"
},
{
"criteria": "cpe:2.3:a:matomo:matomo:0.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "863EB628-3970-4F96-81E8-827FCDAE91E7"
},
{
"criteria": "cpe:2.3:a:matomo:matomo:0.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5617FB7C-649A-44FD-A9F8-2275F51EFA71"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]