Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to bypass intended upload restrictions by modifying the Content-Type header and file extension, as demonstrated by replacing a text/plain .txt upload with an application/octet-stream .exe upload.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Sametime Meeting Server 安全漏洞
Vulnerability Description
IBM Sametime Meeting Server是美国IBM公司的一套用于Sametime(聊天和会议)服务器中的Web会议组件。 IBM Sametime Meeting Server 8.5.1版本的stconf.nsf文件中存在安全漏洞。远程攻击者可通过修改Content-Type头和文件扩展名利用该漏洞绕过既定的上传限制。
CVSS Information
N/A
Vulnerability Type
N/A