Vulnerability Details CVE-2001-0924
Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.111
EPSS Ranking 93.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=100654890029878&w=2
- http://marc.info/?l=bugtraq&m=100688672019635&w=2
- http://www.securityfocus.com/bid/3575
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7585
- http://marc.info/?l=bugtraq&m=100654890029878&w=2
- http://marc.info/?l=bugtraq&m=100688672019635&w=2
- http://www.securityfocus.com/bid/3575
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7585
Products affected by CVE-2001-0924
-
cpe:2.3:a:ibm:informix_web_datablade:3.3
-
cpe:2.3:a:ibm:informix_web_datablade:3.4
-
cpe:2.3:a:ibm:informix_web_datablade:3.5
-
cpe:2.3:a:ibm:informix_web_datablade:3.6
-
cpe:2.3:a:ibm:informix_web_datablade:3.7
-
cpe:2.3:a:ibm:informix_web_datablade:4.10
-
cpe:2.3:a:ibm:informix_web_datablade:4.11
-
cpe:2.3:a:ibm:informix_web_datablade:4.12