Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3156

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3156
Last Modified 05 Sep 2008 04:53:36
Published 05 Oct 2005 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3156

Summary

Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal.

Vulnerable Systems

Application

  • Easyguppy 4.5.4

  • Easyguppy 4.5.5


References

BUGTRAQ - 20050930 BID #14752 update


Last Updated: 27 May 2016 10:40:49