Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0223

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0223
Last Modified 07 Mar 2011 12:00:00
Published 16 Jan 2006 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0223

Summary

Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.

Vulnerable Systems

Application

  • Topcmm Computing 123 Flash Chat Server 5.0

  • Topcmm Computing 123 Flash Chat Server 5.1


References

BID - 16235

MISC - http://www.123flashchat.com/flash-chat-server-v512.html

XF - 123flashchat-user-directory-traversal(24137)

VUPEN - ADV-2006-0198

OSVDB - 22440

SECUNIA - 18455


Last Updated: 27 May 2016 10:41:35