Lucene search

[email protected]CVE-2005-1376

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1376

2005-05-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1376

directory traversal

claroline

security vulnerability

nvd

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.8%

JSON

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.

CPENameOperatorVersion
claroline:clarolineclarolineeq1.6_beta
claroline:clarolineclarolineeq1.6_rc1
claroline:clarolineclarolineeq1.5.3

CPE	Name	Operator	Version
claroline:claroline	claroline	eq	1.6_beta
claroline:claroline	claroline	eq	1.6_rc1
claroline:claroline	claroline	eq	1.5.3

References

marc.info/?l=bugtraq&m=111464607103407&w=2

secunia.com/advisories/15161

secunia.com/advisories/15725

securitytracker.com/id?1013822

www.claroline.net/news.php#85

www.securityfocus.com/bid/13407

exchange.xforce.ibmcloud.com/vulnerabilities/20287

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for CVE-2005-1376

nessus1