Lucene search

[email protected]CVE-2005-3156

HistoryOct 05, 2005 - 11:02 p.m.

CVE-2005-3156

2005-10-0523:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3156

easyguppy

directory traversal

printfaq.php

remote attackers

arbitrary files

vulnerability

6.4 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.3%

JSON

Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via “…” sequences in the pg parameter, which is cleansed for XSS but not directory traversal.

CPENameOperatorVersion
easyguppy:easyguppyeasyguppyeq4.5.4
easyguppy:easyguppyeasyguppyeq4.5.5

CPE	Name	Operator	Version
easyguppy:easyguppy	easyguppy	eq	4.5.4
easyguppy:easyguppy	easyguppy	eq	4.5.5

References

marc.info/?l=bugtraq&m=112812059917394&w=2

6.4 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.3%

JSON

Related for CVE-2005-3156

nessus1