CVE-2005-3040

Опубликовано: 22 сент. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in the web interface (ISALogin.dll) for TAC Vista 4.0, and possibly other versions before 4.3, allows remote attackers to read arbitrary files via ".." sequences in the Template parameter.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0469.html
http://secunia.com/advisories/16854
Vendor Advisory
http://securitytracker.com/id?1014923
Exploit
Vendor Advisory
http://www.cirt.dk/advisories/cirt-37-advisory.pdf
Exploit
Vendor Advisory
http://www.osvdb.org/19479
Exploit
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0469.html
http://secunia.com/advisories/16854
Vendor Advisory
http://securitytracker.com/id?1014923
Exploit
Vendor Advisory
http://www.cirt.dk/advisories/cirt-37-advisory.pdf
Exploit
Vendor Advisory
http://www.osvdb.org/19479
Exploit

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tac:vista:3.0:*:*:*:*:*:*:*

cpe:2.3:a:tac:vista:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00763

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-6hgv-gw79-9vq8

github

почти 4 года назад