Lucene search

[email protected]CVE-2008-1169

HistoryMar 05, 2008 - 11:44 p.m.

CVE-2008-1169

2008-03-0523:44:00

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

directory traversal

sci photo chat server

remote attackers

nvd

cve-2008-1169

6.7 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.011 Low

EPSS

Percentile

84.7%

JSON

Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "…" (dot dot backslash) or “…/” (dot dot forward slash) in the GET command.

Affected configurations

NVD

Node

simm-commsci_photo_chatRange≤3.4.9

CPENameOperatorVersion
simm-comm:sci_photo_chatsimm-comm sci photo chatle3.4.9

CPE	Name	Operator	Version
simm-comm:sci_photo_chat	simm-comm sci photo chat	le	3.4.9

References

aluigi.altervista.org/adv/scichatdt-adv.txt

www.securityfocus.com/bid/27872

www.vupen.com/english/advisories/2008/0614

exchange.xforce.ibmcloud.com/vulnerabilities/40655

6.7 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.011 Low

EPSS

Percentile

84.7%

JSON

Related for CVE-2008-1169

prion1 cvelist1 nvd1