Vulnerabilities > CVE-2004-0533 - Unspecified vulnerability in Businessobjects Infoview and Webintelligence
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client.
Vulnerable Configurations
References
- http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0056.html
- http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0056.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026549.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026549.html
- http://secunia.com/advisories/12587/
- http://secunia.com/advisories/12587/
- http://www.securityfocus.com/bid/11208
- http://www.securityfocus.com/bid/11208
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17422
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17422