Lucene search

MitreCVE-2007-0929

HistoryFeb 14, 2007 - 11:28 a.m.

CVE-2007-0929

2007-02-1411:28:00

mitre

web.nvd.nist.gov

cve-2007-0929

directory traversal

php

rrd browser

security vulnerability

remote attack

arbitrary file read

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

79.6%

JSON

Directory traversal vulnerability in php rrd browser before 0.2.1 allows remote attackers to read arbitrary files via “…” sequences in the p parameter.

Affected configurations

Nvd

Node

guillaume_fontainephp_rrd_browserRange≤0.2.0

VendorProductVersionCPE
guillaume_fontainephp_rrd_browser*cpe:2.3:a:guillaume_fontaine:php_rrd_browser:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
guillaume_fontaine	php_rrd_browser	*	cpe:2.3:a:guillaume_fontaine:php_rrd_browser::::::::

References

attrition.org/pipermail/vim/2007-February/001307.html

osvdb.org/33693

securityreason.com/securityalert/2245

sourceforge.net/project/shownotes.php?group_id=176562&release_id=485414

www.securityfocus.com/archive/1/459804/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/32425

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

79.6%

JSON

Related for CVE-2007-0929