Lucene search

[email protected]CVE-2004-2745

HistoryOct 31, 2007 - 10:00 p.m.

CVE-2004-2745

2007-10-3122:00:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

directory traversal

anteco visual technologies

ownserver

remote attack

arbitrary file access

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

JSON

Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in a URL.

Affected configurations

NVD

Node

anteco_visual_technologiesownserverRange≤1.0

CPENameOperatorVersion
anteco_visual_technologies:ownserveranteco visual technologies ownserverle1.0

CPE	Name	Operator	Version
anteco_visual_technologies:ownserver	anteco visual technologies ownserver	le	1.0

References

securityreason.com/securityalert/3329

www.securityfocus.com/archive/1/350421/30/21610/threaded

www.securityfocus.com/bid/9461

www.securitytracker.com/id?1008800

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for CVE-2004-2745

cvelist1 nvd1