Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2004-0533 | First vendor Publication | 2004-12-31 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0533 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 10016 | Business Objects WebIntelligence Restriction Bypass Arbitrary Document Deletion WebIntelligence contains a flaw that may allow a malicious user to delete arbitrary documents. The issue is triggered when authennticated user without delete permission accesses specially crafted URL containing docuement ID and name. It is possible that the flaw may allow document deletion resulting in a loss of integrity. |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:22:37 |
|
| 2024-11-28 12:06:07 |
|
| 2021-05-04 12:02:20 |
|
| 2021-04-22 01:02:29 |
|
| 2020-05-23 00:15:48 |
|
| 2017-07-11 12:01:27 |
|
| 2016-04-26 12:50:45 |
|
| 2013-05-11 11:41:59 |
|
