Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1050

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1050
Last Modified 05 Sep 2008 04:25:33
Published 02 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1050

Summary

CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Vulnerable Systems

Application

  • Cccsoftware Ccc 0.91

  • Cccsoftware Ccc 0.92

  • Cccsoftware Ccc 0.94

  • Cccsoftware Ccc 0.95

  • Cccsoftware Ccc 0.96

  • Cccsoftware Ccc 0.97

  • Cccsoftware Ccc 0.98

  • Cccsoftware Ccc 0.99

  • Cccsoftware Ccc 1.0

  • Cccsoftware Ccc 1.02

  • Cccsoftware Ccc 1.03


References

XF - php-includedir-code-execution(7215)

BUGTRAQ - 20011002 results of semi-automatic source code audit

BID - 3389


Last Updated: 27 May 2016 10:36:30