Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2006-5750
HistoryNov 27, 2006 - 8:07 p.m.

CVE-2006-5750

2006-11-2720:07:00
redhat
web.nvd.nist.gov
35
cve-2006-5750
jboss application server
directory traversal
remote code execution
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.432

Percentile

97.4%

JSON

Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager.

Affected configurations

Nvd
Node
jbossjboss_application_serverMatch3.2.5_final
OR
jbossjboss_application_serverMatch3.2.6_final
OR
jbossjboss_application_serverMatch3.2.7_final
OR
jbossjboss_application_serverMatch3.2.8.sp1
OR
jbossjboss_application_serverMatch3.2.8_final
OR
jbossjboss_application_serverMatch4.0.0_final
OR
jbossjboss_application_serverMatch4.0.1_final
OR
jbossjboss_application_serverMatch4.0.1_sp1
OR
jbossjboss_application_serverMatch4.0.2_final
OR
jbossjboss_application_serverMatch4.0.3_final
OR
jbossjboss_application_serverMatch4.0.4.ga
OR
jbossjboss_application_serverMatch4.0.5.ga
VendorProductVersionCPE
jbossjboss_application_server3.2.5_finalcpe:2.3:a:jboss:jboss_application_server:3.2.5_final:*:*:*:*:*:*:*
jbossjboss_application_server3.2.6_finalcpe:2.3:a:jboss:jboss_application_server:3.2.6_final:*:*:*:*:*:*:*
jbossjboss_application_server3.2.7_finalcpe:2.3:a:jboss:jboss_application_server:3.2.7_final:*:*:*:*:*:*:*
jbossjboss_application_server3.2.8.sp1cpe:2.3:a:jboss:jboss_application_server:3.2.8.sp1:*:*:*:*:*:*:*
jbossjboss_application_server3.2.8_finalcpe:2.3:a:jboss:jboss_application_server:3.2.8_final:*:*:*:*:*:*:*
jbossjboss_application_server4.0.0_finalcpe:2.3:a:jboss:jboss_application_server:4.0.0_final:*:*:*:*:*:*:*
jbossjboss_application_server4.0.1_finalcpe:2.3:a:jboss:jboss_application_server:4.0.1_final:*:*:*:*:*:*:*
jbossjboss_application_server4.0.1_sp1cpe:2.3:a:jboss:jboss_application_server:4.0.1_sp1:*:*:*:*:*:*:*
jbossjboss_application_server4.0.2_finalcpe:2.3:a:jboss:jboss_application_server:4.0.2_final:*:*:*:*:*:*:*
jbossjboss_application_server4.0.3_finalcpe:2.3:a:jboss:jboss_application_server:4.0.3_final:*:*:*:*:*:*:*
Rows per page:
1-10 of 121

References

Related

packetstorm 1
nessus 3
redhat 1
seebug 1
securityvulns 1
nvd 1
cvelist 1
packetstorm
packetstorm
JBoss Java Class DeploymentFileRepository Directory Traversal
2010-05-08 00:00:00
nessus
nessus
openSUSE 10 Security Update : jboss4 (jboss4-2304)
2007-10-17 00:00:00
openSUSE 10 Security Update : jboss (jboss-2309)
2007-10-17 00:00:00
JBoss Application Server (jbossas) JMX Console DeploymentFileRepository Traversal Arbitrary File Manipulation
2006-12-14 00:00:00
redhat
redhat
(RHSA-2006:0743) Critical: jbossas security update
2006-11-27 00:00:00
seebug
seebug
JBoss应用服务器DeploymentFileRepository类目录遍历漏洞
2010-06-18 00:00:00
securityvulns
securityvulns
SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal
2006-11-28 00:00:00
nvd
nvd
CVE-2006-5750
2006-11-27 20:07:00
cvelist
cvelist
CVE-2006-5750
2006-11-27 20:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.432

Percentile

97.4%

JSON
Related for CVE-2006-5750
packetstorm1nessus3redhat1seebug1securityvulns1nvd1cvelist1