CVE-2003-0599

Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html
http://www.debian.org/security/2003/dsa-365
http://www.phpgroupware.org
http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html
http://www.debian.org/security/2003/dsa-365
http://www.phpgroupware.org

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:phpgroupware:phpgroupware::::::::
	cpe:2.3:a:phpgroupware:phpgroupware:0.9.16prerc:::::::*

History

20 Nov 2024, 23:45

Type	Values Removed	Values Added
References	~~() http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html -~~	() http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html -
References	~~() http://www.debian.org/security/2003/dsa-365 -~~	() http://www.debian.org/security/2003/dsa-365 -
References	~~() http://www.phpgroupware.org -~~	() http://www.phpgroupware.org -

Information

Published : 2003-08-27 04:00

Updated : 2024-11-20 23:45

NVD link : CVE-2003-0599

Mitre link : CVE-2003-0599

CVE.ORG link : CVE-2003-0599

JSON object : View

Products Affected

phpgroupware

phpgroupware

CWE

NVD-CWE-Other

{"id": "CVE-2003-0599", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-08-27T04:00:00.000", "references": [{"url": "http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2003/dsa-365", "source": "cve@mitre.org"}, {"url": "http://www.phpgroupware.org", "source": "cve@mitre.org"}, {"url": "http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2003/dsa-365", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.phpgroupware.org", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root."}, {"lang": "es", "value": "Vulnerabilidad desconocida en la capacidad de Sistema de Ficheros Virtual (VFS) de phpGroupWare 0.9.16preRC, y versiones anteriores a 0.9.14.004 con implicaciones desconocidas, relacionadas con que la ruta VFS est\u00e9 bajo la ra\u00edz de documentos web."}], "lastModified": "2024-11-20T23:45:06.750", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpgroupware:phpgroupware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0B79024-B9B4-4FE1-A734-4729D26DB5CD", "versionEndIncluding": "0.9.14.004"}, {"criteria": "cpe:2.3:a:phpgroupware:phpgroupware:0.9.16prerc:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D8DDA15-ED21-498E-94BB-2998968139D7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}