CVE-2001-0642
Published Sep 20, 2001
Last updated 7 years ago
Overview
- Description
- Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:incredimail:incredimail:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D77CCBA-8863-4935-975C-ABA07DFC91FC",
"versionEndIncluding": "1400185"
}
],
"operator": "OR"
}
]
}
]