Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5856

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5856
Last Modified 10 Jul 2009 01:28:28
Published 06 Jan 2009 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5856

Summary

Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter.

Vulnerable Systems

Application

  • Class 0.4

  • Class 0.4.0

  • Class 0.4.1

  • Class 0.4.2

  • Class 0.5.0

  • Class 0.5.1

  • Class 0.5.2

  • Class 0.6.0

  • Class 0.6.1

  • Class 0.8

  • Class 0.8.0

  • Class 0.8.10

  • Class 0.8.14

  • Class 0.8.20

  • Class 0.8.26

  • Class 0.8.29

  • Class 0.8.32

  • Class 0.8.40

  • Class 0.8.47

  • Class 0.8.5

  • Class 0.8.51

  • Class 0.8.56

  • Class 0.8.59

  • Class 0.8.60

  • Class 0.8.8


References

XF - class-export-directory-traversal(47493)

BID - 32929

MILW0RM - 7579

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=648307

SECUNIA - 33222

OSVDB - 50807


Last Updated: 27 May 2016 10:48:57