CVE-2013-3598

2013-08-28 15:09:15 2013-09-11 05:23:38

Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Searchblox - Searchblox

Advisory	Patch	Confirmed	Link
			96619
			VU#592942
			http://www.searchblox.com/developers-2/change-log
			http://buddhalabs.com/Advisories/WebAdvisories.html

CVE-2013-3598

2013-08-28 15:09:15 2013-09-11 05:23:38

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)