CVE-2009-3733

Sažetak

Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors.

Reference

http://lists.vmware.com/pipermail/security-announce/2009/000069.html
http://secunia.com/advisories/37186
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://securitytracker.com/id?1023088
http://securitytracker.com/id?1023089
http://www.securityfocus.com/archive/1/507523/100/0/threaded
http://www.securityfocus.com/bid/36842
http://www.vmware.com/security/advisories/VMSA-2009-0015.html
http://www.vupen.com/english/advisories/2009/3062
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7822

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-05-2024 - 17:27

Objavljeno

02-11-2009 - 15:30