Lucene search

K
cve[email protected]CVE-2009-0291
HistoryJan 27, 2009 - 8:30 p.m.

CVE-2009-0291

2009-01-2720:30:04
CWE-22
web.nvd.nist.gov
28
cve-2009-0291
openx
directory traversal
remote attack
arbitrary file inclusion

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%

Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a … (dot dot) in the MAX_type parameter.

Affected configurations

NVD
Node
openxopenxMatch2.6.3
CPENameOperatorVersion
openx:openxopenxeq2.6.3

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%