Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4095

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4095
Last Modified 07 Mar 2011 09:27:41
Published 08 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4095

Summary

Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.

Vulnerable Systems

Application

  • Docebolms 2.0.4


References

VUPEN - ADV-2005-2771

BID - 15742

SECUNIA - 17896

SECUNIA - 1015308

MISC - http://rgod.altervista.org/docebo204_xpl.html

XF - docebolms-connector-directory-traversal(23518)

OSVDB - 21464


Last Updated: 27 May 2016 10:41:11