CVE-2008-7215 — MEDIUM (5.8)

Q: How severe is CVE-2008-7215?

CVE-2008-7215 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-7215?

Check the references section above for vendor advisories and patch information. Affected products include: Mambo-Foundation Mambo, Brilaps Mostlyce.

Vulnerability Description

The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameters in a FileUpload command, which are used to modify equivalent variables in $_FILES that are accessed when the is_uploaded_file check fails.

CVSS Score

5.8

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:P

Confidentiality

NONE

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Mambo-Foundation	Mambo	<= 4.6.3
Brilaps	Mostlyce	<= 2.0

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2008-7215?

CVE-2008-7215 is a vulnerability with a CVSS score of 5.8 (MEDIUM). The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[New...

How severe is CVE-2008-7215?

CVE-2008-7215 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-7215?

Check the references section above for vendor advisories and patch information. Affected products include: Mambo-Foundation Mambo, Brilaps Mostlyce.