Lucene search

[email protected]CVE-2008-5997

HistoryJan 28, 2009 - 3:30 p.m.

CVE-2008-5997

2009-01-2815:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-5997

absolute path traversal

admin

filekontrola

browser

omnicom content platform

ocp 2.0

remote attackers

directory listing

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform (OCP) 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter.

Affected configurations

NVD

Node

ocp2omnicom_content_platformMatch2.0

CPENameOperatorVersion
ocp2:omnicom_content_platformocp2 omnicom content platformeq2.0

CPE	Name	Operator	Version
ocp2:omnicom_content_platform	ocp2 omnicom content platform	eq	2.0

References

packetstormsecurity.org/0809-exploits/omnicom-traverse.txt

www.securityfocus.com/bid/31338

exchange.xforce.ibmcloud.com/vulnerabilities/45394

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for CVE-2008-5997

prion1 nvd1 cvelist1