CVE-2012-5100

2012-09-2317:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.5%

JSON

Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) …%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO.

References

archives.neohapsis.com/archives/bugtraq/2012-01/0028.html

www.securityfocus.com/bid/51286

exchange.xforce.ibmcloud.com/vulnerabilities/72138