ID | CVE-2008-4437 | ||||||
Sažetak | Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:M/Au:N/C:C/I:N/A:N | ||||||
Zadnje važnije ažuriranje | 08-08-2017 - 01:32 | ||||||
Objavljeno | 03-10-2008 - 22:22 |