Skip to main content

CVE-2004-0533

Severity Low
Score 2.1/10

Summary

Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client.

  • LOW
  • LOCAL
  • NONE
  • PARTIAL
  • NONE
  • NONE

References

Advisory Timeline

  • Published