Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0630

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-0630
Last Modified 05 Sep 2008 04:46:51
Published 01 Mar 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0630

Summary

sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.

Vulnerable Systems

Application

  • Pblang 4.0

  • Pblang 4.56 4.5 Rc2

  • Pblang 4.6

  • Pblang 4.63


References

XF - pblang-sendpm-obtain-information(19544)

BID - 12690

BUGTRAQ - 20050301 Software PBLang 4.63 sendpm.php reply file read vulnerability

CONFIRM - http://pblforum.drmartinus.de/post.php?cat=2&fid=2&pid=40&page=1


Last Updated: 27 May 2016 10:39:52