CVE-2004-0614 — MEDIUM (6.4)

Vulnerability Description

osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size.

CVSS Score

6.4

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:P

Confidentiality

NONE

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Osticket	Osticket Sts	All versions

References

http://marc.info/?l=bugtraq&m=108786779500957&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/16477
http://marc.info/?l=bugtraq&m=108786779500957&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/16477

FAQ

What is CVE-2004-0614?

CVE-2004-0614 is a vulnerability with a CVSS score of 6.4 (MEDIUM). osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size.

How severe is CVE-2004-0614?

CVE-2004-0614 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-0614?

Check the references section above for vendor advisories and patch information. Affected products include: Osticket Osticket Sts.