PT-2004-1313 · Microsoft · Msn Messenger

Name of the Vulnerable Software and Affected Versions: Microsoft MSN Messenger versions 6.0 through 6.1 Description: The issue allows remote attackers to read arbitrary files due to improper handling of certain requests. Recommendations: For Microsoft MSN Messenger versions 6.0 through 6.1, at th...

DEBIAN-CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

CVE-2003-0626

psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the 1 headername or 2 footername arguments...

CVE-2003-0753

nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphpconfigLangFile parameter...

CVE-2003-0294

The CVE-2003-0294 issue affects php-proxima (version 6.0 and earlier) where autohtml.php contains a flaw in the modload operation that allows remote attackers to read arbitrary files via the name parameter. This is documented across multiple sources (NVD/NVD clone, CVE records, and a Tenable Ness...

[SECURITY] [DSA 264-1] New lxr packages fix information disclosure

-------------------------------------------------------------------------- Debian Security Advisory DSA 264-1 [email protected] http://www.debian.org/security/ Martin Schulze March 19th, 2003 http://www.debian.org/security/faq -...

CVE-2002-2084

Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. dot dot in the 1 l and 2 topic parameters...

CVE-2002-1258

CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...

Multiple vulnerabilities in Tiny HTTPd

======================================== INetCop Security Advisory 2002-0x82-001 ======================================== Title: Multiple vulnerabilities in Tiny HTTPd. 0x01. Description Tiny HTTP daemon is web server that do simple very. Vulnerability and executable vulnerability that this web...

security flaw

The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...

CVE-2002-1034

CVE-2002-1034 affects SunPS iRunbook 2.5.2. The vulnerability is triggered through none.php by supplying an absolute pathname as an argument, enabling remote attackers to read arbitrary files and potentially compromise confidentiality (and integrity per CVSS). The available connected documents pr...

CVE-2002-0323

comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL...

CVE-2001-0593

Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' dot dot attack in the template parameter...

CVE-2000-0877

mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attachfile parameter, which MailForm then sends to the attacker...

CVE-2001-0593

Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' dot dot attack in the template parameter...

CVE-2001-0042

PHP 3.x PHP3 on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. dot dot attack containing "%5c" encoded backslash sequences...

CVE-2000-0977

mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter...

CVE-2000-0842

CVE-2000-0842 affects the UnixWare 7 scohelphttp webserver. The vulnerability is in the search97cgi/vtopic component, where a path traversal via a .. (dot dot) attack could allow remote attackers to read arbitrary files. The available connected sources (NVD, CVE listings) confirm the affected pro...

CVE-2000-0660

CVE-2000-0660 affects the WDaemon web server for WorldClient 2.1, allowing remote attackers to read arbitrary files through a directory-traversal (..). The underlying issue is improper handling of path components, enabling unauthorized file access. Exploitation details are not provided in the CVE...

CVE-2000-0469

The vulnerability concerns Selena Sol WebBanner 4.0, where a path traversal flaw (.. sequence) enables remote attackers to read arbitrary files. Affected software: Selena Sol WebBanner 4.0. The description specifies reading arbitrary files via directory traversal, but no further technical details...