Lucene search

MitreCVE-2007-1773

HistoryMar 30, 2007 - 1:19 a.m.

CVE-2007-1773

2007-03-3001:19:00

CWE-22

mitre

web.nvd.nist.gov

abitwhizzy

directory traversal

remote attackers

vulnerability

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.009

Percentile

83.4%

JSON

Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a … (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php, different vectors than CVE-2006-6384.

Affected configurations

Nvd

Node

unverse.netabitwhizzy

VendorProductVersionCPE
unverse.netabitwhizzy*cpe:2.3:a:unverse.net:abitwhizzy:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
unverse.net	abitwhizzy	*	cpe:2.3:a:unverse.net:abitwhizzy::::::::

References

downloads.securityfocus.com/vulnerabilities/exploits/23167.html

lostmon.blogspot.com/2007/03/abitwhizzy-traversal-folder-enumeration.html

secunia.com/advisories/24679

www.osvdb.org/34505

www.osvdb.org/34506

www.securityfocus.com/bid/23167

www.vupen.com/english/advisories/2007/1136

exchange.xforce.ibmcloud.com/vulnerabilities/33277

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.009

Percentile

83.4%

JSON

Related for CVE-2007-1773