Vulnerability Description
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Peoplesoft | Peopletools | 8.4 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0042.htmlVendor Advisory
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013652.htmlVendor Advisory
- http://www.auscert.org.au/render.html?it=3610
- http://www.secunia.com/advisories/10225/PatchVendor Advisory
- http://www.securityfocus.com/bid/9037Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13754
- http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0042.htmlVendor Advisory
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013652.htmlVendor Advisory
- http://www.auscert.org.au/render.html?it=3610
- http://www.secunia.com/advisories/10225/PatchVendor Advisory
- http://www.securityfocus.com/bid/9037Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13754
FAQ
What is CVE-2003-0626?
CVE-2003-0626 is a vulnerability with a CVSS score of 5.0 (MEDIUM). psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.
How severe is CVE-2003-0626?
CVE-2003-0626 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0626?
Check the references section above for vendor advisories and patch information. Affected products include: Peoplesoft Peopletools.