Lucene search

[email protected]NVD:CVE-2010-3097

HistoryAug 20, 2010 - 8:00 p.m.

CVE-2010-3097

2010-08-2020:00:03

CWE-22

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.1%

JSON

Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "…" (dot dot backslash) in a filename.

Affected configurations

NVD

Node

winfrigatefrigate_3Range≤3.36

winfrigatefrigate_3Match3.17

winfrigatefrigate_3Match3.18

winfrigatefrigate_3Match3.19

winfrigatefrigate_3Match3.20

winfrigatefrigate_3Match3.21

winfrigatefrigate_3Match3.22

winfrigatefrigate_3Match3.23

winfrigatefrigate_3Match3.24

winfrigatefrigate_3Match3.25

winfrigatefrigate_3Match3.26

winfrigatefrigate_3Match3.27

winfrigatefrigate_3Match3.28

winfrigatefrigate_3Match3.29

winfrigatefrigate_3Match3.30

winfrigatefrigate_3Match3.31

winfrigatefrigate_3Match3.32

winfrigatefrigate_3Match3.33

winfrigatefrigate_3Match3.34

winfrigatefrigate_3Match3.35

References

secunia.com/advisories/40898

www.htbridge.ch/advisory/directory_traversal_in_frigate_3_built_in_ftp_client.html

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.1%

JSON

Related for NVD:CVE-2010-3097

htbridge1 cve1 cvelist1 prion1