CVE-2014-0666

Published Jan 16, 2014

Last updated 8 years ago

CVSS info 4.3

Overview

Description: Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-22

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:jabber:*:-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31D1EF03-FF40-421B-8930-D6FB357FE9E8",
            "versionEndIncluding": "9.2\\(.1\\)"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0:-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C1BAB84-6EC4-44AC-BC0F-EF0A4AED83E6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0\\(.0\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD53E475-7F41-4722-9DC8-2CA4E06BA3D2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0\\(.1\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AEEB642-4B2A-46A0-A007-00F5271FB007"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0\\(.2\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45EC995E-27E6-490A-B6FF-27E6A614D6A6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0\\(.3\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C8E025B-B512-4812-B893-6A91BA500B5B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0\\(.4\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39B05E17-DF9C-4FEE-963E-3F8EDC16A0DE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.0\\(.5\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDDC24DC-08C4-40E7-BCD1-C8031AE46CEF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1:-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D976A52F-30A5-4390-9DEF-C196EFD72A9B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1\\(.0\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF652900-65FF-4599-929A-3E3F9E07138D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1\\(.1\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "891CDFBD-8C70-4711-B90B-8734E39FA937"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1\\(.2\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19615E29-B957-4904-9937-472752842FD1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1\\(.3\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41466543-F95C-48EC-BD65-65C1D20315CE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1\\(.4\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1448DA4E-A06F-464E-8CDA-E2ADF3BB6429"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.1\\(.5\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC3FEAED-786F-41D7-A9F0-61ED0E9EAFBD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.2:-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89F425F6-62A3-496E-ACF6-9C2504B7F5EA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.2\\(.0\\):-:-:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD36095C-939A-4161-A0DA-DA514AA58A05"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References