CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-1999-1005

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=94571433731824&w=2
http://www.osvdb.org/3413
http://www.securityfocus.com/bid/879
http://marc.info/?l=bugtraq&m=94571433731824&w=2
http://www.osvdb.org/3413
http://www.securityfocus.com/bid/879

Products affected by CVE-1999-1005

Netscape » Enterprise Server » Version: 3.0.7a

cpe:2.3:a:netscape:enterprise_server:3.0.7a
Novell » Groupwise » Version: 5.2

cpe:2.3:a:novell:groupwise:5.2
Novell » Groupwise » Version: 5.5

cpe:2.3:a:novell:groupwise:5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-1999-1005

Products

Pricing

Contact Us