CVE-2004-1405
EPSS 12.0%
Description
MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
How to fix CVE-2004-1405
To remediate CVE-2004-1405, upgrade the affected package to a fixed version below.
- Debian/mediawiki—upgrade to 1.4.9 or later
Is CVE-2004-1405 being exploited?
Moderate — EPSS is 12.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.4.9