Описание
Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:deerfield:d2gfx:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:working_resources_inc.:badblue:enterprise_1.5:*:*:*:*:*:*:*
cpe:2.3:a:working_resources_inc.:badblue:personal_1.5.6_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00229
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.
EPSS
Процентиль: 46%
0.00229
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other