Vulnerabilities > CVE-2007-4385 - Unspecified vulnerability in Owasp Stinger
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multipart encoded requests instead of form-urlencoded requests. NOTE: this might be used to expose vulnerabilities in applications that would otherwise be protected by the validation routines.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | OWASP Stinger Filter Bypass Weakness. CVE-2007-4385. Remote exploits for multiple platform |
| id | EDB-ID:30491 |
| last seen | 2016-02-03 |
| modified | 2007-08-13 |
| published | 2007-08-13 |
| reporter | Meder Kydyraliev |
| source | https://www.exploit-db.com/download/30491/ |
| title | OWASP Stinger Filter Bypass Weakness |
References
- http://o0o.nu/~meder/o0o_bypassing_servlet_input_validation_filters.txt
- http://osvdb.org/39544
- http://secunia.com/advisories/26441
- http://securityreason.com/securityalert/3035
- http://www.securityfocus.com/archive/1/476288/100/0/threaded
- http://www.securityfocus.com/bid/25294
- http://www.securitytracker.com/id?1018555
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35981