Intelligence Center » Browse All Vulnerabilities » CVE-2000-0282
Overview |
|
| Vulnerability Score |  5.0 |
| CVE Id | CVE-2000-0282 |
| Last Modified | 10 Sep 2008 03:03:59 |
| Published | 12 Apr 2000 12:00:00 |
| Confidentiality Impact | PARTIAL |
| Integrity Impact |  NONE |
| Availability Impact | NONE |
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-2000-0282
Summary
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.
Vulnerable Systems
Application
Talentsoft Web%2b 4
References
BID - 1102
BUGTRAQ - 20000412 TalentSoft Web+ Input Validation Bug Vulnerability
CONFIRM - ftp://ftp.talentsoft.com/Download/Webplus/Unix/Patches/Webplus46p%20Read%20me.html
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:35:38
