Lucene search

[email protected]CVE-2006-0223

HistoryJan 16, 2006 - 9:03 p.m.

CVE-2006-0223

2006-01-1621:03:00

CWE-22

[email protected]

web.nvd.nist.gov

security

vulnerability

shanghai topcmm

directory traversal

123 flash chat server

nvd

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.3%

JSON

Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via “…” (dot dot) sequences in the username field.

CPENameOperatorVersion
topcmm_computing:123_flash_chat_servertopcmm computing 123 flash chat servereq5.1
topcmm_computing:123_flash_chat_servertopcmm computing 123 flash chat servereq5.0

CPE	Name	Operator	Version
topcmm_computing:123_flash_chat_server	topcmm computing 123 flash chat server	eq	5.1
topcmm_computing:123_flash_chat_server	topcmm computing 123 flash chat server	eq	5.0

References

secunia.com/advisories/18455

www.123flashchat.com/flash-chat-server-v512.html

www.osvdb.org/22440

www.securityfocus.com/bid/16235

www.vupen.com/english/advisories/2006/0198

exchange.xforce.ibmcloud.com/vulnerabilities/24137

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for CVE-2006-0223

prion1 cvelist1