CVE-2011-4696

Sažetak

Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allows man-in-the-middle attackers to create arbitrary files via a .. (dot dot) in the filesignature in a GetPhotoStatus request.

Reference

http://www.pentest.co.uk/documents/ptl-2013-01.html
http://www.securityfocus.com/bid/57163
https://exchange.xforce.ibmcloud.com/vulnerabilities/80995

CVSS

Base:	4.3
Impact:	4.9
Exploitability:	5.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:A/AC:M/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

29-08-2017 - 01:30

Objavljeno

03-03-2014 - 16:55