Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0282

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0282
Last Modified 10 Sep 2008 03:03:59
Published 12 Apr 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0282

Summary

TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.

Vulnerable Systems

Application

  • Talentsoft Web%2b 4


References

BID - 1102

BUGTRAQ - 20000412 TalentSoft Web+ Input Validation Bug Vulnerability

CONFIRM - ftp://ftp.talentsoft.com/Download/Webplus/Unix/Patches/Webplus46p%20Read%20me.html


Last Updated: 27 May 2016 10:35:38