CVE-2019-0259: Malicious File Upload
First published: Fri Feb 15 2019(Updated: )
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP BusinessObjects | =4.2 | |
| SAP BusinessObjects | =4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-0259?
CVE-2019-0259 is a vulnerability in SAP BusinessObjects versions 4.2 and 4.3 (Visual Difference) that allows an attacker to upload any file without proper file format validation.
How does CVE-2019-0259 affect SAP BusinessObjects?
CVE-2019-0259 affects SAP BusinessObjects versions 4.2 and 4.3 (Visual Difference) by allowing an attacker to upload any file, including script files, without proper file format validation.
What is the severity of CVE-2019-0259?
CVE-2019-0259 has a severity rating of 9.8 (Critical).
How can I fix CVE-2019-0259?
To fix CVE-2019-0259, it is recommended to apply the necessary security patches or updates provided by SAP.
Where can I find more information about CVE-2019-0259?
For more information about CVE-2019-0259, you can refer to the following resources: [SecurityFocus](http://www.securityfocus.com/bid/106997), [SAP Note](https://launchpad.support.sap.com/#/notes/2727564), [SAP Wiki](https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943).
- collector/nvd-index
- agent/references
- agent/tags
- agent/event
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap businessobjects
- version/sap businessobjects/4.2
- version/sap businessobjects/4.3