Lucene search

[email protected]CVE-2007-4545

HistoryAug 27, 2007 - 11:17 p.m.

CVE-2007-4545

2007-08-2723:17:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2007-4545

directory traversal

unreal commander

remote attack

zip

rar

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.4%

JSON

Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote attackers to create or overwrite arbitrary files via a … (dot dot) in a filename within a (1) ZIP or (2) RAR archive.

Affected configurations

NVD

Node

x-dieselunreal_commanderMatch0.92_build565

x-dieselunreal_commanderMatch0.92_build573

CPENameOperatorVersion
x-diesel:unreal_commanderx-diesel unreal commandereq0.92_build565
x-diesel:unreal_commanderx-diesel unreal commandereq0.92_build573

CPE	Name	Operator	Version
x-diesel:unreal_commander	x-diesel unreal commander	eq	0.92_build565
x-diesel:unreal_commander	x-diesel unreal commander	eq	0.92_build573

References

secunia.com/advisories/26583

securityreason.com/securityalert/3060

www.securityfocus.com/archive/1/477432/100/0/threaded

www.securityfocus.com/bid/25419

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.4%

JSON

Related for CVE-2007-4545

cvelist1 nvd1 prion1