CVE-2008-0396

Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
Configurations

Configuration 1 (hide)

cpe:2.3:a:bitdefender:update_server:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-01-23 12:00

Updated : 2024-02-28 11:01


NVD link : CVE-2008-0396

Mitre link : CVE-2008-0396

CVE.ORG link : CVE-2008-0396


JSON object : View

Products Affected

bitdefender

  • update_server
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')