CVE Vulnerabilities

CVE-2012-3811

Published: Jul 03, 2012 | Modified: Jul 17, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.

Affected Software

Name Vendor Start Version End Version
Ip_office_customer_call_reporter Avaya 7.0 (including) 7.0 (including)
Ip_office_customer_call_reporter Avaya 8.0 (including) 8.0 (including)

References