Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0702

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0702
Last Modified 07 Mar 2011 09:30:37
Published 15 Feb 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0702

Summary

admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to directory traversal.

Vulnerable Systems

Application

  • Imagevue 0.16.1


References

VUPEN - ADV-2006-0570

BID - 16594

BUGTRAQ - 20060211 imageVue16.1 upload vulnerability

SECUNIA - 18802

XF - imagevue-upload-file-upload(24633)


Last Updated: 27 May 2016 10:41:46