Lucene search

MitreCVE-2006-3178

HistoryJun 23, 2006 - 12:02 a.m.

CVE-2006-3178

2006-06-2300:02:00

mitre

web.nvd.nist.gov

cve

2006

3178

directory traversal

chm lib

vulnerability

nvd

chmlib

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

77.8%

JSON

Directory traversal vulnerability in extract_chmLib example program in CHM Lib (chmlib) before 0.38 allows remote attackers to overwrite arbitrary files via a CHM archive containing files with a … (dot dot) in their filename.

Affected configurations

Nvd

Node

jed_wingchm_libRange≤0.37

VendorProductVersionCPE
jed_wingchm_lib*cpe:2.3:a:jed_wing:chm_lib:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jed_wing	chm_lib	*	cpe:2.3:a:jed_wing:chm_lib::::::::

References

morte.jedrea.com/~jedwin/projects/chmlib/

secunia.com/advisories/20734

secunia.com/advisories/21406

securitytracker.com/id?1016343

www.debian.org/security/2006/dsa-1144

www.osvdb.org/26636

www.securityfocus.com/bid/18511

www.vupen.com/english/advisories/2006/2430

exchange.xforce.ibmcloud.com/vulnerabilities/27278

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

77.8%

JSON

Related for CVE-2006-3178