CVE-2002-0430
Summary
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
- HIGH
- LOCAL
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published