Lucene search

MitreCVE-2006-0700

HistoryFeb 15, 2006 - 11:06 a.m.

CVE-2006-0700

2006-02-1511:06:00

CWE-264

mitre

web.nvd.nist.gov

cve-2006-0700

imagevue 16.1

remote attackers

folder permission settings

dir.php

xml document

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.039

Percentile

92.0%

JSON

imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.

Affected configurations

Nvd

Node

imagevueimagevueMatch0.16.1

VendorProductVersionCPE
imagevueimagevue0.16.1cpe:2.3:a:imagevue:imagevue:0.16.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
imagevue	imagevue	0.16.1	cpe:2.3:a:imagevue:imagevue:0.16.1:::::::*

References

secunia.com/advisories/18802

www.securityfocus.com/archive/1/424745/30/0/threaded

www.securityfocus.com/bid/16594

www.vupen.com/english/advisories/2006/0570

exchange.xforce.ibmcloud.com/vulnerabilities/24641

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.039

Percentile

92.0%

JSON

Related for CVE-2006-0700