Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6522


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-6522
Last Modified 17 Jun 2009 12:00:00
Published 25 Mar 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.

Vulnerable Systems


  • Devraj Mukherjee Openterracotta 0.6.1


XF - terracotta-index-file-include(41572)

BID - 28550

BUGTRAQ - 20080401 Terracotta Personal Edition Multiple vulnerabilities

Last Updated: 27 May 2016 10:49:14