Lucene search

PRIOn knowledge basePRION:CVE-2009-5067

HistoryOct 10, 2012 - 6:55 p.m.

Directory traversal

2012-10-1018:55:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a … (dot dot) in the “include file” SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices.

CPENameOperatorVersion
html2pseq1.0 b4
html2pseq1.0 b1
html2psle1.0
html2pseq1.0 b3
html2pseq1.0 b2

Name	Operator	Version
html2ps	eq	1.0 b4
html2ps	eq	1.0 b1
html2ps	le	1.0
html2ps	eq	1.0 b3
html2ps	eq	1.0 b2

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=548633

packetstormsecurity.org/files/81614/html2ps-1.0-beta5-File-Disclosure.html

user.it.uu.se/~jan/html2ps-1.0b7.tar.gz

www.mandriva.com/security/advisories?name=MDVSA-2012:161

www.openwall.com/lists/oss-security/2012/10/05/1

www.openwall.com/lists/oss-security/2012/10/05/5

www.securityfocus.com/bid/36524

bugzilla.redhat.com/show_bug.cgi?id=526513