Lucene search

[email protected]NVD:CVE-2014-0666

HistoryJan 16, 2014 - 7:55 p.m.

CVE-2014-0666

2014-01-1619:55:04

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.4

Confidence

High

EPSS

0.026

Percentile

90.3%

JSON

Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.

Affected configurations

Nvd

Node

ciscojabberRange≤9.2\(.1\)---windows

ciscojabberMatch9.0---windows

ciscojabberMatch9.0\(.0\)---windows

ciscojabberMatch9.0\(.1\)---windows

ciscojabberMatch9.0\(.2\)---windows

ciscojabberMatch9.0\(.3\)---windows

ciscojabberMatch9.0\(.4\)---windows

ciscojabberMatch9.0\(.5\)---windows

ciscojabberMatch9.1---windows

ciscojabberMatch9.1\(.0\)---windows

ciscojabberMatch9.1\(.1\)---windows

ciscojabberMatch9.1\(.2\)---windows

ciscojabberMatch9.1\(.3\)---windows

ciscojabberMatch9.1\(.4\)---windows

ciscojabberMatch9.1\(.5\)---windows

ciscojabberMatch9.2---windows

ciscojabberMatch9.2\(.0\)---windows

VendorProductVersionCPE
ciscojabber*cpe:2.3:a:cisco:jabber:*:-:-:*:-:windows:*:*
ciscojabber9.0cpe:2.3:a:cisco:jabber:9.0:-:-:*:-:windows:*:*
ciscojabber9.0(.0)cpe:2.3:a:cisco:jabber:9.0\(.0\):-:-:*:-:windows:*:*
ciscojabber9.0(.1)cpe:2.3:a:cisco:jabber:9.0\(.1\):-:-:*:-:windows:*:*
ciscojabber9.0(.2)cpe:2.3:a:cisco:jabber:9.0\(.2\):-:-:*:-:windows:*:*
ciscojabber9.0(.3)cpe:2.3:a:cisco:jabber:9.0\(.3\):-:-:*:-:windows:*:*
ciscojabber9.0(.4)cpe:2.3:a:cisco:jabber:9.0\(.4\):-:-:*:-:windows:*:*
ciscojabber9.0(.5)cpe:2.3:a:cisco:jabber:9.0\(.5\):-:-:*:-:windows:*:*
ciscojabber9.1cpe:2.3:a:cisco:jabber:9.1:-:-:*:-:windows:*:*
ciscojabber9.1(.0)cpe:2.3:a:cisco:jabber:9.1\(.0\):-:-:*:-:windows:*:*

Vendor	Product	Version	CPE
cisco	jabber	*	cpe:2.3:a:cisco:jabber::-:-::-:windows::
cisco	jabber	9.0	cpe:2.3:a:cisco:jabber:9.0:-:-::-:windows::*
cisco	jabber	9.0(.0)	cpe:2.3:a:cisco:jabber:9.0\(.0\):-:-::-:windows::*
cisco	jabber	9.0(.1)	cpe:2.3:a:cisco:jabber:9.0\(.1\):-:-::-:windows::*
cisco	jabber	9.0(.2)	cpe:2.3:a:cisco:jabber:9.0\(.2\):-:-::-:windows::*
cisco	jabber	9.0(.3)	cpe:2.3:a:cisco:jabber:9.0\(.3\):-:-::-:windows::*
cisco	jabber	9.0(.4)	cpe:2.3:a:cisco:jabber:9.0\(.4\):-:-::-:windows::*
cisco	jabber	9.0(.5)	cpe:2.3:a:cisco:jabber:9.0\(.5\):-:-::-:windows::*
cisco	jabber	9.1	cpe:2.3:a:cisco:jabber:9.1:-:-::-:windows::*
cisco	jabber	9.1(.0)	cpe:2.3:a:cisco:jabber:9.1\(.0\):-:-::-:windows::*

Rows per page:

1-10 of 171

References

osvdb.org/102122

secunia.com/advisories/56331

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666

tools.cisco.com/security/center/viewAlert.x?alertId=32451

www.securityfocus.com/bid/64965

www.securitytracker.com/id/1029635

exchange.xforce.ibmcloud.com/vulnerabilities/90435

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.4

Confidence

High

EPSS

0.026

Percentile

90.3%

JSON

Related for NVD:CVE-2014-0666

nessus1 prion1 cve1 cvelist1 cisco1