Lucene search

MitreCVE-2008-6288

HistoryFeb 25, 2009 - 11:30 p.m.

CVE-2008-6288

2009-02-2523:30:00

CWE-22

mitre

web.nvd.nist.gov

cve

2008

6288

directory traversal

vulnerability

interface medien ibase 2.03

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.028

Percentile

90.8%

JSON

Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in the filename parameter.

Affected configurations

Nvd

Node

interface-medienibaseRange≤2.03

interface-medienibaseMatch2.0

VendorProductVersionCPE
interface-medienibase*cpe:2.3:a:interface-medien:ibase:*:*:*:*:*:*:*:*
interface-medienibase2.0cpe:2.3:a:interface-medien:ibase:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
interface-medien	ibase	*	cpe:2.3:a:interface-medien:ibase::::::::
interface-medien	ibase	2.0	cpe:2.3:a:interface-medien:ibase:2.0:::::::*

References

secunia.com/advisories/31210

www.securityfocus.com/bid/30362

exchange.xforce.ibmcloud.com/vulnerabilities/43983

www.exploit-db.com/exploits/6126

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.028

Percentile

90.8%

JSON

Related for CVE-2008-6288