CVE-2004-1715

Опубликовано: 11 авг. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\", "..", and similar dot dot sequences in the URL.

Ссылки

http://marc.info/?l=bugtraq&m=109224211512029&w=2
http://marc.info/?l=bugtraq&m=109225567212978&w=2
http://packetstormsecurity.nl/0408-exploits/clearswift.txt
Exploit
Vendor Advisory
http://secunia.com/advisories/12273
Vendor Advisory
http://www.securityfocus.com/bid/10918
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16960
http://marc.info/?l=bugtraq&m=109224211512029&w=2
http://marc.info/?l=bugtraq&m=109225567212978&w=2
http://packetstormsecurity.nl/0408-exploits/clearswift.txt
Exploit
Vendor Advisory
http://secunia.com/advisories/12273
Vendor Advisory
http://www.securityfocus.com/bid/10918
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16960

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:clearswift:mimesweeper_for_web:4.0:*:*:*:*:*:*:*

cpe:2.3:a:clearswift:mimesweeper_for_web:5.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01046

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-99g5-8fv2-6cgr

github

почти 4 года назад

Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL.