Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6288

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-6288
Last Modified 26 Feb 2009 12:00:00
Published 25 Feb 2009 06:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6288

Summary

Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

Vulnerable Systems

Application

  • Interface-medien Ibase 2.0

  • Interface-medien Ibase 2.03


References

XF - ibase-download-directory-traversal(43983)

BID - 30362

MILW0RM - 6126

SECUNIA - 31210


Last Updated: 27 May 2016 10:49:08