Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2641

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-2641
Last Modified 19 Mar 2014 09:48:30
Published 18 Mar 2014 01:02:51
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-2641

Summary

Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.

Vulnerable Systems

Operating System

  • Sophos Web Appliance Firmware 3.7.8.1


References

MISC - https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt

CONFIRM - http://www.sophos.com/en-us/support/knowledgebase/118969.aspx


Last Updated: 27 May 2016 11:04:42