Lucene search

[email protected]CVE-2006-2839

HistoryJun 06, 2006 - 8:06 p.m.

CVE-2006-2839

2006-06-0620:06:00

[email protected]

web.nvd.nist.gov

cve-2006-2839

directory traversal

pg problem editor

webwork

online homework delivery system

remote attack

vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Directory traversal vulnerability in PG Problem Editor module (PGProblemEditor.pm) in WeBWorK Online Homework Delivery System 2.2.0 and earlier allows remote attackers to read and write files outside of the templates directory.

Affected configurations

NVD

Node

webworkwebworkRange≤2.2.0

CPENameOperatorVersion
webwork:webworkwebworkle2.2.0

CPE	Name	Operator	Version
webwork:webwork	webwork	le	2.2.0

References

devel.webwork.rochester.edu/twiki/bin/view/Webwork/WeBWorKRelease2pt2pt1

secunia.com/advisories/20405

sourceforge.net/mailarchive/forum.php?thread_id=10201693&forum_id=43257

sourceforge.net/project/shownotes.php?release_id=421453

www.vupen.com/english/advisories/2006/2086

exchange.xforce.ibmcloud.com/vulnerabilities/26975

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

Related for CVE-2006-2839

nvd1 prion1 cvelist1