Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3380

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2012-3380
Last Modified 05 Sep 2012 12:00:00
Published 31 Aug 2012 02:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-3380

Summary

Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.

Vulnerable Systems

Application

  • Naxsi Project Naxsi 0.46


References

OSVDB - 83617

MLIST - [oss-security] 20120706 Re: Three CVE requests: at-spi2-atk, as31, naxsi

MLIST - [oss-security] 20120705 Three CVE requests: at-spi2-atk, as31, naxsi

SECUNIA - 49811

MISC - http://code.google.com/p/naxsi/source/detail?r=307

CONFIRM - http://code.google.com/p/naxsi/


Last Updated: 27 May 2016 11:00:26