Lucene search

[email protected]CVE-2005-1090

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1090

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

vulnerability

maxthon

remote attackers

file access

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.3%

JSON

Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files.

Affected configurations

NVD

Node

maxthonmaxthonMatch1.2.0

maxthonmaxthonMatch1.2.1

CPENameOperatorVersion
maxthon:maxthonmaxthoneq1.2.0
maxthon:maxthonmaxthoneq1.2.1

CPE	Name	Operator	Version
maxthon:maxthon	maxthon	eq	1.2.0
maxthon:maxthon	maxthon	eq	1.2.1

References

secunia.com/advisories/14918

www.osvdb.org/15423

www.raffon.net/advisories/maxthon/multvulns.html

www.securityfocus.com/bid/13074

exchange.xforce.ibmcloud.com/vulnerabilities/20033

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.2 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.3%

JSON

Related for CVE-2005-1090

nvd1 cvelist1