Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1169

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-1169
Last Modified 07 Mar 2011 10:06:15
Published 05 Mar 2008 06:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1169

Summary

Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command.

Vulnerable Systems

Application

  • Simm-comm Sci Photo Chat 3.4.9


References

XF - photochat-get-directory-traversal(40655)

VUPEN - ADV-2008-0614

BID - 27872

MISC - http://aluigi.altervista.org/adv/scichatdt-adv.txt


Last Updated: 27 May 2016 10:47:02