CVE-2006-6814

Sažetak

Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.

Reference

http://secunia.com/advisories/23585
http://securitytracker.com/id?1017447
http://www.kapda.ir/advisory-458.html
http://www.securityfocus.com/bid/21786
http://www.vupen.com/english/advisories/2007/0023

CVSS

Base:	6.3
Impact:	6.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:N/A:N

Zadnje važnije ažuriranje

08-03-2011 - 02:47

Objavljeno

29-12-2006 - 11:28