Lucene search

[email protected]CVE-2015-0889

HistoryFeb 28, 2015 - 2:59 a.m.

CVE-2015-0889

2015-02-2802:59:40

[email protected]

web.nvd.nist.gov

cve-2015-0889

kent-web

joyful note

remote attackers

delete files

write to files

execute arbitrary code

vectors

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.029 Low

EPSS

Percentile

90.9%

JSON

KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and consequently execute arbitrary code, via vectors involving an article.

Affected configurations

NVD

Node

kent-webjoyful_noteRange≤5.21

CPENameOperatorVersion
kent-web:joyful_notekent-web joyful notele5.21

CPE	Name	Operator	Version
kent-web:joyful_note	kent-web joyful note	le	5.21

References

jvn.jp/en/jp/JVN88862608/index.html

jvndb.jvn.jp/jvndb/JVNDB-2015-000024

www.kent-web.com/bbs/joyful.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.029 Low

EPSS

Percentile

90.9%

JSON

Related for CVE-2015-0889

cvelist1 jvn1 prion1 nvd1