Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5291

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5291
Last Modified 15 Aug 2009 01:16:23
Published 01 Dec 2008 10:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5291

Summary

Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165.

Vulnerable Systems

Application

  • Fuzzylime Cms 3.03


References

XF - fuzzylimecms-track-file-include(46841)

BID - 32475

MILW0RM - 7231

SREASON - 4667

SECUNIA - 32865


Last Updated: 27 May 2016 10:48:46