CVE-2005-3484

2005-11-0322:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via “…” and hex-encoded (1) slash “/” (“%2f”) or (2) backslash “" (”%5c") sequences.

References

aluigi.altervista.org/adv/neronet-adv.txt

marc.info/?l=full-disclosure&m=113096009930152&w=2

secunia.com/advisories/17421

www.securityfocus.com/bid/15288

www.vupen.com/english/advisories/2005/2287