[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-2944Date: (C)2009-08-31   (M)2023-12-22


Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
BID-36181
SECUNIA-36516
SECUNIA-36539
OSVDB-57575
ADV-2009-2475
DSA-1875
http://ikiwiki.info/security/#index35h2
ikiwiki-teximg-info-disclosure(52922)

CPE    78
cpe:/a:ikiwiki:ikiwiki:2.65
cpe:/a:ikiwiki:ikiwiki:2.64
cpe:/a:ikiwiki:ikiwiki:2.20
cpe:/a:ikiwiki:ikiwiki:2.63
...
OVAL    5
oval:org.mitre.oval:def:7859
oval:org.secpod.oval:def:100179
oval:org.secpod.oval:def:600508
oval:org.secpod.oval:def:102334
...

© SecPod Technologies