Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0344

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2004-0344
Last Modified 05 Sep 2008 04:38:11
Published 23 Nov 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0344

Summary

Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter.

Vulnerable Systems

Application

  • Yabb 1.5.5

  • Yabb 1.5.5b


References

BID - 9774

BUGTRAQ - 20040301 YabbSE (3 on 1)


Last Updated: 27 May 2016 10:38:34