漏洞标题
N/A
漏洞描述信息
在Bitflux Upload Progress Meter中的uploadprogress_php_rfc1867_file函数之前8276行的heap-based buffer overflow允许远程攻击者通过构造的HTTP POST文件上传请求导致拒绝服务( crash)或执行任意代码。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileupload requests.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Bitflux Upload Progress Meter uploadprogress.c堆缓冲区溢出漏洞
漏洞描述信息
Upload Progress Meter是用于在PHP环境中显示文件上传进度条的工具。 Bitflux Upload Progress Meter 8276之前版本的uploadprogress.c中的uploadprogress_php_rfc1867_file函数中存在基于堆的缓冲区溢出漏洞。远程攻击者可借助特制的HTTP POST fileupload请求导致拒绝服务(崩溃)或执行任意代码。
CVSS信息
N/A
漏洞类别
授权问题