Lucene search

PRIOn knowledge basePRION:CVE-2008-1000

HistoryMar 18, 2008 - 11:44 p.m.

Directory traversal

2008-03-1823:44:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.011 Low

EPSS

Percentile

83.8%

JSON

Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via “…” sequences in file attachments.

CPENameOperatorVersion
mac_os_xeq10.5.2
mac_os_x_servereq10.5.2

CPE	Name	Operator	Version
	mac_os_x	eq	10.5.2
	mac_os_x_server	eq	10.5.2

References

docs.info.apple.com/article.html?artnum=307562

lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

secunia.com/advisories/29420

www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2189

www.securityfocus.com/archive/1/489786/100/0/threaded

www.securityfocus.com/bid/28278

www.securitytracker.com/id?1019660

www.vupen.com/english/advisories/2008/0924/references

exchange.xforce.ibmcloud.com/vulnerabilities/41278

6.3 Medium

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.011 Low

EPSS

Percentile

83.8%

JSON

Related for PRION:CVE-2008-1000