Vulnerabilities > CVE-2004-0533 - Unspecified vulnerability in Businessobjects Infoview and Webintelligence

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

businessobjects

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client.

Vulnerable Configurations

Part	Description	Count
Application	Businessobjects Businessobjects Infoview 5.1.4 Businessobjects Infoview 5.1.5 Businessobjects Infoview 5.1.6 Businessobjects Infoview 5.1.7 Businessobjects Infoview 5.1.8 Businessobjects Webintelligence 2.7 Businessobjects Webintelligence 2.7.1 Businessobjects Webintelligence 2.7.2 Businessobjects Webintelligence 2.7.3 Businessobjects Webintelligence 2.7.4	10

Summary

Vulnerable Configurations

References