Lucene search

[email protected]CVE-2004-2643

HistoryDec 04, 2005 - 10:00 p.m.

CVE-2004-2643

2005-12-0422:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2643

directory traversal

microsoft cabarc

remote attackers

overwrite files

cab archive

3.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.0%

JSON

Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via “…/” sequences in file names in a CAB archive.

Affected configurations

NVD

Node

microsoftcabarc

CPENameOperatorVersion
microsoft:cabarcmicrosoft cabarceq*

CPE	Name	Operator	Version
microsoft:cabarc	microsoft cabarc	eq	*

References

archives.neohapsis.com/archives/fulldisclosure/2004-10/0341.html

marc.info/?l=bugtraq&m=109759710121018&w=2

packetstormsecurity.org/0410-exploits/cabarc.txt

secunia.com/advisories/12816

securitytracker.com/id?1011626

www.osvdb.org/10714

www.securityfocus.com/bid/11376

exchange.xforce.ibmcloud.com/vulnerabilities/17693

3.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.0%

JSON

Related for CVE-2004-2643

cvelist1 nvd1