CVE-2002-1038 Information

Description

Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html http://dcl.sourceforge.net/index.php http://marc.info/?l=bugtraq&m=102668783632589&w=2 http://www.iss.net/security_center/static/9742.php