Lucene search

[email protected]NVD:CVE-2011-2524

HistoryAug 31, 2011 - 11:55 p.m.

CVE-2011-2524

2011-08-3123:55:02

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.

Affected configurations

Nvd

Node

gnomelibsoupRange≤2.35.3

gnomelibsoupMatch2.0

gnomelibsoupMatch2.2

gnomelibsoupMatch2.2.0

gnomelibsoupMatch2.2.1

gnomelibsoupMatch2.2.2

gnomelibsoupMatch2.2.3

gnomelibsoupMatch2.2.4

gnomelibsoupMatch2.2.5

gnomelibsoupMatch2.2.6

gnomelibsoupMatch2.2.6.1

gnomelibsoupMatch2.2.7

gnomelibsoupMatch2.2.91

gnomelibsoupMatch2.2.92

gnomelibsoupMatch2.2.93

gnomelibsoupMatch2.2.94

gnomelibsoupMatch2.2.95.1

gnomelibsoupMatch2.2.96

gnomelibsoupMatch2.2.97

gnomelibsoupMatch2.2.98

gnomelibsoupMatch2.2.99

gnomelibsoupMatch2.2.100

gnomelibsoupMatch2.2.101

gnomelibsoupMatch2.2.102

gnomelibsoupMatch2.2.103

gnomelibsoupMatch2.2.104

gnomelibsoupMatch2.3.0.1

gnomelibsoupMatch2.3.2

gnomelibsoupMatch2.3.4

gnomelibsoupMatch2.4.0

gnomelibsoupMatch2.4.1

gnomelibsoupMatch2.23.1

gnomelibsoupMatch2.23.6

gnomelibsoupMatch2.23.91

gnomelibsoupMatch2.23.92

gnomelibsoupMatch2.24.0.1

gnomelibsoupMatch2.24.1

gnomelibsoupMatch2.25.2

gnomelibsoupMatch2.25.3

gnomelibsoupMatch2.25.4

gnomelibsoupMatch2.25.5

gnomelibsoupMatch2.25.91

gnomelibsoupMatch2.26.0

gnomelibsoupMatch2.26.1

gnomelibsoupMatch2.27.1

gnomelibsoupMatch2.27.2

gnomelibsoupMatch2.27.4

gnomelibsoupMatch2.27.5

gnomelibsoupMatch2.27.90

gnomelibsoupMatch2.27.91

gnomelibsoupMatch2.27.92

gnomelibsoupMatch2.28.0

gnomelibsoupMatch2.28.1

gnomelibsoupMatch2.29.3

gnomelibsoupMatch2.29.5

gnomelibsoupMatch2.29.6

gnomelibsoupMatch2.29.90

gnomelibsoupMatch2.29.91

gnomelibsoupMatch2.30.0

gnomelibsoupMatch2.30.1

gnomelibsoupMatch2.31.2

gnomelibsoupMatch2.31.6

gnomelibsoupMatch2.31.90

gnomelibsoupMatch2.31.92

gnomelibsoupMatch2.32.0

gnomelibsoupMatch2.32.1

gnomelibsoupMatch2.32.2

gnomelibsoupMatch2.33.4

gnomelibsoupMatch2.33.5

gnomelibsoupMatch2.33.6

gnomelibsoupMatch2.33.90

gnomelibsoupMatch2.33.92

gnomelibsoupMatch2.34.0

gnomelibsoupMatch2.34.1

References

git.gnome.org/browse/libsoup/tree/NEWS

lists.fedoraproject.org/pipermail/package-announce/2011-August/063431.html

secunia.com/advisories/47299

www.debian.org/security/2011/dsa-2369

www.redhat.com/support/errata/RHSA-2011-1102.html

www.securitytracker.com/id?1025864

www.ubuntu.com/usn/USN-1181-1

bugzilla.gnome.org/show_bug.cgi?id=653258

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

Related for NVD:CVE-2011-2524

nessus13 openvas14 ubuntu1 prion1 securityvulns2 debiancve1 ubuntucve1 cvelist1 redhat1 fedora2 cve1 debian1 oraclelinux1 gentoo1