CVE-2011-0329

{"id": "CVE-2011-0329", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-02-21T18:00:01.160", "references": [{"url": "http://secunia.com/advisories/42880", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2011-10/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/bid/46443", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securitytracker.com/id?1025094", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/42880", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/secunia_research/2011-10/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/46443", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1025094", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el m\u00e9todo GetData en Dell DellSystemLite.Scanner ActiveX en DellSystemLite.ocx v1.0.0.0, cuando est\u00e1 habilitado register_globals, permite a atacantes remotos leer ficheros locales de su elecci\u00f3n al utilizar caracteres .. (punto punto) en el par\u00e1metro fileID.\r\n"}], "lastModified": "2024-11-21T01:23:45.340", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:dellsystemlite.scanner_activex_control:1.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C951A2C5-1442-4BC7-9555-D1E61D8A8FE7"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com"}