Lucene search

[email protected]NVD:CVE-2005-0918

HistoryMay 05, 2005 - 4:00 a.m.

CVE-2005-0918

2005-05-0504:00:00

CWE-203

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

74.6%

JSON

The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explorer, allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page immediately stops loading, which indicates whether the file exists or not.

Affected configurations

Nvd

Node

adobesvg_viewerRange≤3.02

AND

microsoftinternet_explorerMatch-

VendorProductVersionCPE
adobesvg_viewer*cpe:2.3:a:adobe:svg_viewer:*:*:*:*:*:*:*:*
microsoftinternet_explorer-cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	svg_viewer	*	cpe:2.3:a:adobe:svg_viewer::::::::
microsoft	internet_explorer	-	cpe:2.3:a:microsoft:internet_explorer:-:::::::*

References

secunia.com/advisories/15255

securitytracker.com/id?1013890

www.adobe.com/support/techdocs/323585.html

www.hyperdose.com/advisories/H2005-07.txt

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

74.6%

JSON

Related for NVD:CVE-2005-0918

cvelist1 cve1