Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3080

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3080
Last Modified 05 Sep 2008 04:53:24
Published 27 Sep 2005 04:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3080

Summary

contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set.

Vulnerable Systems

Application

  • Geshi 1.0.0

  • Geshi 1.0.1

  • Geshi 1.0.2

  • Geshi 1.0.3

  • Geshi 1.0.4

  • Geshi 1.0.5

  • Geshi 1.0.6

  • Geshi 1.0.7

  • Geshi 1.0.7.1

  • Geshi 1.0.7.2


References

BID - 14903

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=358285


Last Updated: 27 May 2016 10:40:47