CVE-2002-0169

Sažetak

The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier.

Reference

http://online.securityfocus.com/advisories/4095
http://www.iss.net/security_center/static/8983.php
http://www.osvdb.org/5349
http://www.redhat.com/support/errata/RHSA-2002-062.html
http://www.securityfocus.com/bid/4654

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-09-2008 - 00:00

Objavljeno

29-05-2002 - 04:00