Lucene search

[email protected]NVD:CVE-2002-1837

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1837

2002-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via “…” sequences in the album parameter, which generates different error messages depending on whether the directory exists or not.

Affected configurations

Nvd

Node

idsidsMatch0.8.1

VendorProductVersionCPE
idsids0.8.1cpe:2.3:a:ids:ids:0.8.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ids	ids	0.8.1	cpe:2.3:a:ids:ids:0.8.1:::::::*

References

ids.sourceforge.net/ChangeLog.html

online.securityfocus.com/archive/1/274433

www.iss.net/security_center/static/9201.php

www.securityfocus.com/bid/4870

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

Related for NVD:CVE-2002-1837

cvelist1 exploitdb1 cve1