CVE-2012-1050

Опубликовано: 13 фев. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted Host header.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2012-02/0025.html
Broken Link
http://osvdb.org/78896
Broken Link
http://secunia.com/advisories/47908
Third Party Advisory
http://www.mail-archive.com/mathopd%40mathopd.org/msg00392.html
Third Party Advisory
http://www.mathopd.org/security.html
Vendor Advisory
http://www.securitytracker.com/id?1026641
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/73049
Third Party Advisory
VDB Entry
http://archives.neohapsis.com/archives/bugtraq/2012-02/0025.html
Broken Link
http://osvdb.org/78896
Broken Link
http://secunia.com/advisories/47908
Third Party Advisory
http://www.mail-archive.com/mathopd%40mathopd.org/msg00392.html
Third Party Advisory
http://www.mathopd.org/security.html
Vendor Advisory
http://www.securitytracker.com/id?1026641
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/73049
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mathopd:mathopd:*:*:*:*:*:*:*:*

Версия от 1.4 (включая) до 1.5 (исключая)

cpe:2.3:a:mathopd:mathopd:1.5:p5:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00794

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

CVE-2012-1050

ubuntu

почти 14 лет назад

CVE-2012-1050

debian

почти 14 лет назад

Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1. ...

GHSA-p633-cvx7-wpq8

github

больше 3 лет назад

EPSS

Процентиль: 74%

0.00794

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-22