CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-0332

The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.7%

CVSS Severity

CVSS v2 Score 7.6

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0075.html
http://marc.info/?l=bugtraq&m=105346382524169&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0075.html
http://marc.info/?l=bugtraq&m=105346382524169&w=2

Products affected by CVE-2003-0332

Working Resources Inc. » Badblue » Version: Any

cpe:2.3:a:working_resources_inc.:badblue:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-0332

Products

Pricing

Contact Us