CVE-2006-4759

Published: 2006-09-13 23:07:00
Source: web.nvd.nist.gov
Tags: cve-2006-4759, punbb, directory pathname, vulnerability, remote code execution, authentication, nvd

AI Score: 6.6 Medium (Confidence: Low)

CVSS2: 3.6 Low
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:H/Au:S/C:N/I:P/A:P

EPSS: 0.008 Low (Percentile: 82.2%)

PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to admin_options.php with an avatars_dir parameter ending in %00. NOTE: this issue was originally disputed by the vendor, but the dispute was withdrawn on 20060926.

Affected configurations

NVD
Node: punbb punbb (Match: 1.2.12)

CPE          Name   Operator  Version
punbb:punbb  punbb  eq        1.2.12
