Vulnerability Details CVE-2003-0950
PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.8%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2003-0950
-
cpe:2.3:a:peoplesoft:peopletools:8.10
-
cpe:2.3:a:peoplesoft:peopletools:8.11
-
cpe:2.3:a:peoplesoft:peopletools:8.12
-
cpe:2.3:a:peoplesoft:peopletools:8.13
-
cpe:2.3:a:peoplesoft:peopletools:8.14
-
cpe:2.3:a:peoplesoft:peopletools:8.15
-
cpe:2.3:a:peoplesoft:peopletools:8.16
-
cpe:2.3:a:peoplesoft:peopletools:8.17
-
cpe:2.3:a:peoplesoft:peopletools:8.18
-
cpe:2.3:a:peoplesoft:peopletools:8.19
-
cpe:2.3:a:peoplesoft:peopletools:8.20
-
cpe:2.3:a:peoplesoft:peopletools:8.4
-
cpe:2.3:a:peoplesoft:peopletools:8.40
-
cpe:2.3:a:peoplesoft:peopletools:8.41
-
cpe:2.3:a:peoplesoft:peopletools:8.42
-
cpe:2.3:a:peoplesoft:peopletools:8.43