CVE-2012-3811 - Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP

CVE-2012-3811

Summary

Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request. Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type'

References

Vulnerable Configurations

cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip_office_customer_call_reporter:8.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip_office_customer_call_reporter:8.0:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 17-07-2012 - 04:00)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm	https://downloads.avaya.com/css/P8/documents/100164021
misc	http://zerodayinitiative.com/advisories/ZDI-12-106/

saint via4

bid	54225
description	Avaya IP Office Customer Call Reporter ImageUpload.ashx file upload
id	net_avayaipofficever
osvdb	83399
title	avaya_ip_office_customer_call_reporter_imageupload
type	remote

Last major update

17-07-2012 - 04:00

Published

03-07-2012 - 19:55

Last modified

17-07-2012 - 04:00