Vulnerability Description
stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to bypass intended upload restrictions by modifying the Content-Type header and file extension, as demonstrated by replacing a text/plain .txt upload with an application/octet-stream .exe upload.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sametime Meeting Server | 8.5.1 |
Related Weaknesses (CWE)
References
- http://linux.oracle.com/errata/ELSA-2014-0747.html
- http://packetstormsecurity.com/files/127294
- http://packetstormsecurity.com/files/127829/IBM-Sametime-Meet-Server-8.5-Arbitra
- http://www.securityfocus.com/bid/68291
- http://linux.oracle.com/errata/ELSA-2014-0747.html
- http://packetstormsecurity.com/files/127294
- http://packetstormsecurity.com/files/127829/IBM-Sametime-Meet-Server-8.5-Arbitra
- http://www.securityfocus.com/bid/68291
FAQ
What is CVE-2014-3088?
CVE-2014-3088 is a vulnerability with a CVSS score of 5.5 (MEDIUM). stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to ...
How severe is CVE-2014-3088?
CVE-2014-3088 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3088?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sametime Meeting Server.