Lucene search

[email protected]CVE-2010-0620

HistoryFeb 25, 2010 - 12:30 a.m.

CVE-2010-0620

2010-02-2500:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2010

0620

directory traversal

vulnerability

emc

homebase server

ssl service

remote attackers

arbitrary files

arbitrary code

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.149 Low

EPSS

Percentile

95.8%

JSON

Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a … (dot dot) in an unspecified parameter.

CPENameOperatorVersion
emc:homebase_serveremc homebase servereq6.2
emc:homebase_serveremc homebase servereq6.3

CPE	Name	Operator	Version
emc:homebase_server	emc homebase server	eq	6.2
emc:homebase_server	emc homebase server	eq	6.3

References

securityreason.com/securityalert/8230

www.securityfocus.com/archive/1/509723/100/0/threaded

www.securityfocus.com/bid/38380

www.vupen.com/english/advisories/2010/0458

www.zerodayinitiative.com/advisories/ZDI-10-020/

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.149 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2010-0620

zdi1 securityvulns3 prion1 d21 packetstorm1