Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0396

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0396
Last Modified 10 Sep 2008 03:04:34
Published 24 May 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0396

Summary

The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.

Vulnerable Systems

Application

  • Pacific Software Carello 1.2.1


References

BID - 1245

BUGTRAQ - 20000524 Alert: Carello File Creation flaw


Last Updated: 27 May 2016 10:35:42