CVE-2004-1405

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2004-1405

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2004-1405.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2004-1405

Downstream

DEBIAN-CVE-2004-1405

Published

2004-12-31T05:00:00Z

Modified

2026-04-10T03:36:36.469388Z

Summary

[none]

Details

MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.

References

http://secunia.com/advisories/13478/
http://www.securityfocus.com/bid/11985
http://wikipedia.sourceforge.net/
http://www.securityfocus.com/bid/11985
http://marc.info/?l=bugtraq&m=110321710420059&w=2

CVE-2004-1405

Affected packages