Lucene search

MitreCVE-2007-5484

HistoryOct 16, 2007 - 11:17 p.m.

CVE-2007-5484

2007-10-1623:17:00

CWE-22

mitre

web.nvd.nist.gov

cve

2007

5484

directory traversal

vulnerability

wxis.exe

wwwisis 7.1

isisscript parameter

iah

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

58.4%

JSON

Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a … (dot dot) in the IsisScript parameter to iah.

Affected configurations

Nvd

Node

wwwisiswwwisisMatch7.1

VendorProductVersionCPE
wwwisiswwwisis7.1cpe:2.3:a:wwwisis:wwwisis:7.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wwwisis	wwwisis	7.1	cpe:2.3:a:wwwisis:wwwisis:7.1:::::::*

References

osvdb.org/40170

secunia.com/advisories/27198

www.securityfocus.com/archive/1/482356/100/0/threaded

www.securityfocus.com/bid/26079

exchange.xforce.ibmcloud.com/vulnerabilities/37215

www.exploit-db.com/exploits/4529

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

58.4%

JSON

Related for CVE-2007-5484