Описание
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.9.8-2 |
| devel | released | 2.9.8-2 |
| edgy | released | 2.9.8-2 |
| feisty | released | 2.9.8-2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remot ...
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
EPSS
5 Medium
CVSS2