Directory traversal vulnerability in the web interface (ISALogin.dll) for TAC Vista 4.0, and possibly other versions before 4.3, allows remote attackers to read arbitrary files via ".." sequences in the Template parameter.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0469.html | |
http://secunia.com/advisories/16854 | Vendor Advisory |
http://securitytracker.com/id?1014923 | Exploit Vendor Advisory |
http://www.cirt.dk/advisories/cirt-37-advisory.pdf | Exploit Vendor Advisory |
http://www.osvdb.org/19479 | Exploit |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-09-22 10:03
Updated : 2024-02-28 10:42
NVD link : CVE-2005-3040
Mitre link : CVE-2005-3040
CVE.ORG link : CVE-2005-3040
JSON object : View
Products Affected
tac
- vista
CWE