Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3371

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3371
Last Modified 07 Mar 2011 10:10:41
Published 30 Jul 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3371

Summary

Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.

Vulnerable Systems

Application

  • Talkback 2.3.5


References

XF - talkback-help-file-include(44018)

VUPEN - ADV-2008-2211

BID - 30393

CONFIRM - http://www.scripts.oldguy.us/talkback/release-notes.html

MISC - http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt

MILW0RM - 9095

MILW0RM - 6451

MILW0RM - 6148

SREASON - 4067


Last Updated: 27 May 2016 10:48:10