Lucene search

[email protected]NVD:CVE-2010-3028

HistoryAug 16, 2010 - 8:00 p.m.

CVE-2010-3028

2010-08-1620:00:03

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, create, or delete certain files.

Affected configurations

Nvd

Node

simon_philipsaardvertiserMatch2.2.1

AND

joomlajoomla

VendorProductVersionCPE
simon_philipsaardvertiser2.2.1cpe:2.3:a:simon_philips:aardvertiser:2.2.1:*:*:*:*:*:*:*
joomlajoomla*cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
simon_philips	aardvertiser	2.2.1	cpe:2.3:a:simon_philips:aardvertiser:2.2.1:::::::*
joomla	joomla	*	cpe:2.3:a:joomla:joomla::::::::

References

secunia.com/advisories/40882

sourceforge.net/projects/aardvertiser/forums/forum/989030/topic/3788365

www.osvdb.org/66924

www.securityfocus.com/bid/42239

exchange.xforce.ibmcloud.com/vulnerabilities/60927

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2010-3028

cvelist1 cve1 prion1