Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter.
References
Link | Resource |
---|---|
http://secunia.com/advisories/42880 | Vendor Advisory |
http://secunia.com/secunia_research/2011-10/ | Vendor Advisory |
http://www.securityfocus.com/bid/46443 | |
http://www.securitytracker.com/id?1025094 | |
http://secunia.com/advisories/42880 | Vendor Advisory |
http://secunia.com/secunia_research/2011-10/ | Vendor Advisory |
http://www.securityfocus.com/bid/46443 | |
http://www.securitytracker.com/id?1025094 |
Configurations
History
21 Nov 2024, 01:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/42880 - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2011-10/ - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/46443 - | |
References | () http://www.securitytracker.com/id?1025094 - |
Information
Published : 2011-02-21 18:00
Updated : 2024-11-21 01:23
NVD link : CVE-2011-0329
Mitre link : CVE-2011-0329
CVE.ORG link : CVE-2011-0329
JSON object : View
Products Affected
dell
- dellsystemlite.scanner_activex_control
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')