Lucene search

[email protected]CVE-2006-3836

HistoryJul 25, 2006 - 1:22 p.m.

CVE-2006-3836

2006-07-2513:22:00

[email protected]

web.nvd.nist.gov

cve

2006

3836

directory traversal

unidomedia

chameleon le

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

JSON

Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO, allows remote attackers to read arbitrary files via the rmid parameter.

Affected configurations

NVD

Node

unidomediachameleon_leRange≤1.203

CPENameOperatorVersion
unidomedia:chameleon_leunidomedia chameleon lele1.203

CPE	Name	Operator	Version
unidomedia:chameleon_le	unidomedia chameleon le	le	1.203

References

secunia.com/advisories/21156

securityreason.com/securityalert/1280

www.securityfocus.com/archive/1/440765/100/0/threaded

www.securityfocus.com/bid/19107

www.vupen.com/english/advisories/2006/2948

exchange.xforce.ibmcloud.com/vulnerabilities/27898

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

JSON

Related for CVE-2006-3836

nvd1 cvelist1