Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1049

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1049
Last Modified 10 Sep 2008 03:09:34
Published 02 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1049

Summary

Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Vulnerable Systems

Application

  • Paul M. Jones Phorecast 0.40


References

BUGTRAQ - 20011002 results of semi-automatic source code audit

BID - 3388

CONFIRM - http://phorecast.org/

XF - php-includedir-code-execution(7215)


Last Updated: 27 May 2016 10:36:30