Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1930

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1930
Last Modified 07 Mar 2011 09:23:06
Published 14 Dec 2005 03:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1930

Summary

Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter.

Vulnerable Systems

Application

  • Trend Micro Serverprotect 5.58


References

VUPEN - ADV-2005-2907

IDEFENSE - 20051214 Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure

BID - 15867

OSVDB - 21770

SECTRACK - 1015358

SREASON - 258

SECUNIA - 18038


Last Updated: 27 May 2016 10:40:20