CVE-2005-3484
Published Nov 3, 2005
Last updated 8 years ago
Overview
- Description
- Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nero:neronet:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05901785-5CAF-4D3A-A4EA-D46196EB17DD",
"versionEndIncluding": "1.2.0.2"
}
],
"operator": "OR"
}
]
}
]