CVE-2006-0869
Published Feb 23, 2006
Last updated 6 years ago
Overview
- Description
- Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary files with short pathnames or possibly read arbitrary files, via a .. (dot dot) in the store_id value of a cookie.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90025C05-4860-4B1D-A088-5553D74132D5"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "004886D8-5C41-49B8-B57F-1D803F5E4804"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99488D79-33D2-4D9A-B2CB-895C0885FA6D"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA0EA621-309A-47EB-958F-1F93D3B63494"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03E49CD8-A70E-4178-8C5F-60CE518BDFA1"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E85FFBC2-4D67-4E43-B802-A544C9E835DE"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04227710-F303-4263-9F6E-D21D8C3AAEB4"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "606EED04-2DB1-4D2E-9453-1C543562A732"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4844A5F3-33FB-429C-BEF5-8F5A085F36C6"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D832073-75E3-40A8-85D5-B7D69F56D146"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B40DBA27-8162-4F08-A1C0-6F48BB033D00"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69EC9B9C-0AA2-489C-B1B9-38BA9D869496"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "886AC8D6-54B0-4EDA-AB69-6AB41C48C9C6"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4016F7D1-91D1-42CA-AC01-993CEEA6CC2B"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC697B55-9936-4414-8140-B2F47501F30D"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F75CE9E2-FEFF-40D4-9053-5B43409FF840"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.13.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E329EEE-CC3C-48B2-BDB3-AD5A50105652"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE639406-C5B5-483C-9C11-FEF7CDE4026B"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BA4DB66-8011-4BF5-A144-48A6E1C331A1"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.15.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2810AFF2-F93D-4CD0-A972-01020D0D1BFE"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAECB770-C696-457F-8D7B-A40CD0E05675"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6DCC2D8-9DAB-4AF2-99B0-42477F87E0A7"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08C464A0-6056-4070-A916-BFBE094A5882"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23FF77E5-25E7-45A8-B411-F256104AC735"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B2AB6F2-0AFE-47E2-B972-B801B18968A7"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33529D72-AA7C-44EC-8308-CEE4909328B5"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55561115-1834-4C15-BD8A-F51DF611886A"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "086EA9AD-0125-481C-BF39-5A08C720A92A"
},
{
"criteria": "cpe:2.3:a:pear:pear_liveuser:0.16.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9D13302-2098-4C69-81F4-A1B44BDEAE94"
}
],
"operator": "OR"
}
]
}
]