CVE-2013-4510

Sažetak

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report.

Reference

http://hg.tryton.org/tryton/rev/357d0a4d9cb8
http://www.debian.org/security/2013/dsa-2791
http://www.openwall.com/lists/oss-security/2013/11/04/21
http://www.tryton.org/posts/security-release-for-issue3446.html
https://bugs.tryton.org/issue3446

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	COMPLETE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:C/A:N

Zadnje važnije ažuriranje

20-11-2013 - 00:31

Objavljeno

18-11-2013 - 02:55