Lucene search

MitreCVE-2015-1192

HistoryJan 21, 2015 - 6:59 p.m.

CVE-2015-1192

2015-01-2118:59:53

CWE-22

mitre

web.nvd.nist.gov

cve-2015-1192

absolute path traversal

kgb 1.0b4

remote attackers

arbitrary files

crafted archive

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

75.6%

JSON

Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive.

Affected configurations

Nvd

Node

kgb_projectkgbMatch1.0b4

VendorProductVersionCPE
kgb_projectkgb1.0b4cpe:2.3:a:kgb_project:kgb:1.0b4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kgb_project	kgb	1.0b4	cpe:2.3:a:kgb_project:kgb:1.0b4:::::::*

References

secunia.com/advisories/62203

www.openwall.com/lists/oss-security/2015/01/18/3

www.securityfocus.com/bid/72111

bugs.debian.org/cgi-bin/bugreport.cgi?bug=774989

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

75.6%

JSON

Related for CVE-2015-1192