Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1762

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1762
Last Modified 08 Apr 2009 12:47:24
Published 12 Apr 2006 09:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1762

Summary

Directory traversal vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to include arbitrary files via the shard parameter. NOTE: this issue can be exploited to produce resultant XSS when the parameter has XSS manipulations, and path disclosure with other invalid values.

Vulnerable Systems

Application

  • Blursoft Blur6ex 0.3.462


References

BID - 17465

BUGTRAQ - 20080502 blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility

BUGTRAQ - 20060411 Multiple vulnerabilities in Blur6ex

VIM - 20060412 Multiple vulnerabilities in Blur6ex (fwd)

XF - blur6ex-index-path-disclosure(25758)

BUGTRAQ - 20060413 Re: Multiple vulnerabilities in Blur6ex


Last Updated: 27 May 2016 10:42:10