1. Home
  2. CVE Database
  3. CVE-2014-1827
MEDIUM · 4.3

CVE-2014-1827

The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as de...

Vulnerability Description

The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
IthoughtsIthoughtshd4.19

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2014-1827?

CVE-2014-1827 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as de...

How severe is CVE-2014-1827?

CVE-2014-1827 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-1827?

Check the references section above for vendor advisories and patch information. Affected products include: Ithoughts Ithoughtshd.