Lucene search

[email protected]CVE-2006-2317

HistoryMay 12, 2006 - 12:02 a.m.

CVE-2006-2317

2006-05-1200:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

vulnerability

ideal science

ideal bb

remote attackers

arbitrary files

web root

nvd

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.012 Low

EPSS

Percentile

85.1%

JSON

Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject.

CPENameOperatorVersion
ideal_science:idealbbideal science idealbbeq1.5.0_beta2
ideal_science:idealbbideal science idealbbeq1.5.3
ideal_science:idealbbideal science idealbbeq1.5.4a
ideal_science:idealbbideal science idealbbeq1.5.2a
ideal_science:idealbbideal science idealbbeq1.5.3_beta1
ideal_science:idealbbideal science idealbbeq1.5.1
ideal_science:idealbbideal science idealbbeq1.5.2c
ideal_science:idealbbideal science idealbbeq1.5.0_beta3
ideal_science:idealbbideal science idealbbeq1.5.3a
ideal_science:idealbbideal science idealbbeq1.5.3_beta2

CPE	Name	Operator	Version
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_beta2
ideal_science:idealbb	ideal science idealbb	eq	1.5.3
ideal_science:idealbb	ideal science idealbb	eq	1.5.4a
ideal_science:idealbb	ideal science idealbb	eq	1.5.2a
ideal_science:idealbb	ideal science idealbb	eq	1.5.3_beta1
ideal_science:idealbb	ideal science idealbb	eq	1.5.1
ideal_science:idealbb	ideal science idealbb	eq	1.5.2c
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_beta3
ideal_science:idealbb	ideal science idealbb	eq	1.5.3a
ideal_science:idealbb	ideal science idealbb	eq	1.5.3_beta2

Rows per page:

1-10 of 161

References

archives.neohapsis.com/archives/fulldisclosure/2006-05/0203.html

secunia.com/advisories/20035

securityreason.com/securityalert/871

www.idealscience.com/ibb/posts.aspx?postID=24415

www.osvdb.org/25455

www.securityfocus.com/archive/1/433248/100/0/threaded

www.securityfocus.com/bid/17920

www.vupen.com/english/advisories/2006/1729

exchange.xforce.ibmcloud.com/vulnerabilities/26348

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.012 Low

EPSS

Percentile

85.1%

JSON

Related for CVE-2006-2317

prion1 nessus1