CVE-2003-0841
First published: Thu Oct 09 2003(Updated: )
The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle PeopleTools | =8.42 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-0841?
CVE-2003-0841 is considered a high severity vulnerability due to the potential for unauthorized access to sensitive data.
How do I fix CVE-2003-0841?
To fix CVE-2003-0841, you should modify the configuration to prevent temporary .xls files from being stored in guessable directories.
What systems are affected by CVE-2003-0841?
CVE-2003-0841 affects Oracle PeopleTools version 8.42.
What type of vulnerability is CVE-2003-0841?
CVE-2003-0841 is a directory traversal vulnerability that allows remote file access.
Can CVE-2003-0841 lead to data theft?
Yes, CVE-2003-0841 can lead to data theft as attackers can access search result files stored on the server.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/oracle
- canonical/oracle peopletools
- version/oracle peopletools/8.42