CVE-2006-0223

Sažetak

Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.

Reference

http://secunia.com/advisories/18455
http://www.123flashchat.com/flash-chat-server-v512.html
http://www.osvdb.org/22440
http://www.securityfocus.com/bid/16235
http://www.vupen.com/english/advisories/2006/0198
https://exchange.xforce.ibmcloud.com/vulnerabilities/24137

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:29

Objavljeno

16-01-2006 - 21:03