CVE-2007-0872

Опубликовано: 12 фев. 2007

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

Directory traversal vulnerability in the Plain Old Webserver (POW) add-on before 0.0.9 for Mozilla Firefox allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.

Ссылки

http://osvdb.org/33174
http://seclists.org/fulldisclosure/2007/Feb/0196.html
Exploit
http://seclists.org/fulldisclosure/2007/Feb/0210.html
http://secunia.com/advisories/24127
http://www.securityfocus.com/bid/22502
http://www.vupen.com/english/advisories/2007/0558
https://addons.mozilla.org/firefox/3002/
https://exchange.xforce.ibmcloud.com/vulnerabilities/32467
http://osvdb.org/33174
http://seclists.org/fulldisclosure/2007/Feb/0196.html
Exploit
http://seclists.org/fulldisclosure/2007/Feb/0210.html
http://secunia.com/advisories/24127
http://www.securityfocus.com/bid/22502
http://www.vupen.com/english/advisories/2007/0558
https://addons.mozilla.org/firefox/3002/
https://exchange.xforce.ibmcloud.com/vulnerabilities/32467

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:plain_old_webserver:plain_old_webserver:0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:plain_old_webserver:plain_old_webserver:0.0.8:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10217

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5p34-qvj2-mmp8

github

почти 4 года назад