Lucene search

K
cve[email protected]CVE-2008-4346
HistorySep 30, 2008 - 6:15 p.m.

CVE-2008-4346

2008-09-3018:15:08
CWE-22
web.nvd.nist.gov
20
security
vulnerability
directory traversal
talkback 2.3.6
remote attackers
cve-2008-4346
nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.2%

Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371.

Affected configurations

NVD
Node
talkbacktalkbackMatch2.3.6
OR
talkbacktalkbackMatch2.3.6.4

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.2%

Related for CVE-2008-4346