Lucene search

[email protected]CVE-2007-5927

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2007-5927

2022-10-0316:14:31

CWE-22

[email protected]

web.nvd.nist.gov

cve-2007-5927

directory traversal

openbase

remote authenticated users

arbitrary code execution

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.8%

JSON

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a … (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926.

Affected configurations

NVD

Node

openbase_international_ltdopenbaseRange≤10.0.5

CPENameOperatorVersion
openbase_international_ltd:openbaseopenbase international ltd openbasele10.0.5

CPE	Name	Operator	Version
openbase_international_ltd:openbase	openbase international ltd openbase	le	10.0.5

References

secunia.com/advisories/27525

www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt

www.securityfocus.com/bid/26347

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.8%

JSON

Related for CVE-2007-5927

prion2 cvelist2 nvd2 cve1