{"id": "CVE-2007-6636", "bulletinFamily": "NVD", "title": "CVE-2007-6636", "description": "Unspecified vulnerability in the StorageFarabDb module in Bitflu before 0.42 allows user-assisted remote attackers to create or append data to arbitrary files via a crafted .torrent file.", "published": "2008-01-04T00:46:00", "modified": "2017-08-08T01:29:00", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6636", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/27043", "http://bitflu.workaround.ch/ChangeLog.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/39269", "http://secunia.com/advisories/28238", "http://osvdb.org/39892"], "cvelist": ["CVE-2007-6636"], "type": "cve", "lastseen": "2019-05-29T18:09:02", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "f7faec0371fd68bad9422c70cebaf5ba"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "b0b047f26bc6ccae565b5690bfdb274f"}, {"key": "cvss", "hash": "c3c91421e192e0e8141c03da51a74b99"}, {"key": "cvss2", "hash": "c1777effab2a9db9ed706bbca9bedff6"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "fa12e087f68642fcaefafba0d4583885"}, {"key": "description", "hash": "e2c47daecdc1a677f13298aa8786b726"}, {"key": "href", "hash": "c29aabafd41989f5ee3caeae91eb6a31"}, {"key": "modified", "hash": "8e72f3e50e5a936484a06c856be9ef13"}, {"key": "published", "hash": "f060b92e90ebd940ca4bf2f171bc4d8a"}, {"key": "references", "hash": "ecc9491ac282ffb2a652dd1c32cd65cf"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "1c213e117fdcf97fba6db81dd56f1c46"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "2ba0c3bc5f9629ded0a21e1ba9eeb61e4db2b4b2235f517b1680f9181705a691", "viewCount": 0, "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2019-05-29T18:09:02"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:39892"]}], "modified": "2019-05-29T18:09:02"}, "vulnersScore": 6.2}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "bitflu bitflu", "operator": "le", "version": "0.41"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": [], "cwe": ["CWE-264"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:35", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.42 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nBitflu StorageFarabDb torrent File Security Bypass\n## References:\nVendor URL: http://bitflu.workaround.ch/\nVendor Specific News/Changelog Entry: http://bitflu.workaround.ch/ChangeLog.txt\n[Secunia Advisory ID:28238](https://secuniaresearch.flexerasoftware.com/advisories/28238/)\nISS X-Force ID: 39269\n[CVE-2007-6636](https://vulners.com/cve/CVE-2007-6636)\nBugtraq ID: 27043\n", "modified": "2007-12-27T15:19:16", "published": "2007-12-27T15:19:16", "href": "https://vulners.com/osvdb/OSVDB:39892", "id": "OSVDB:39892", "title": "Bitflu StorageFarabDb torrent File Security Bypass", "type": "osvdb", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}]}