CVE-2007-4220

Опубликовано: 29 авг. 2007

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.

Ссылки

ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=589
Patch
Vendor Advisory
http://secunia.com/advisories/26588
Vendor Advisory
http://www.securityfocus.com/bid/25453
Patch
http://www.securitytracker.com/id?1018614
http://www.vupen.com/english/advisories/2007/2990
https://exchange.xforce.ibmcloud.com/vulnerabilities/36273
ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=589
Patch
Vendor Advisory
http://secunia.com/advisories/26588
Vendor Advisory
http://www.securityfocus.com/bid/25453
Patch
http://www.securitytracker.com/id?1018614
http://www.vupen.com/english/advisories/2007/2990
https://exchange.xforce.ibmcloud.com/vulnerabilities/36273

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:motorola:timbuktu:8.6.3.1367:*:pro:*:*:*:*:*

EPSS

Процентиль: 88%

0.03713

Низкий

7.8 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-x6rh-q9j9-6236

github

почти 4 года назад