3 matches found
CVE-2018-16716
Summary of CVE-2018-16716 Affected software: NCBI ToolBox legacy versions 2.0.7 through 2.2.26. Vulnerability: Path traversal via viewcgi.cgi (and potential file deletion via nph-viewgif.cgi), enabling reading of arbitrary server files and significant information disclosure. Root cause (per sourc...
CVE-2018-16717
The CVE-2018-16717 entry concerns a heap-based buffer overflow in nph-viewgif.cgi within legacy NCBI ToolBox versions 2.0.7–2.2.26. Public records cite a critical impact (CVSSv3 base score 9.8) with network attack vector and no authentication, indicating a high-risk condition that could lead to c...
CVE-2018-16718
The CVE-2018-16718 entry describes an XSS vulnerability in the NCBI ToolBox component wwwblast.c for legacy versions 2.0.7–2.2.26, exploitable via a crafted -z1 argument. The affected code path and exact root cause are not elaborated in the provided documents beyond stating XSS exists. No explici...