Vulnerability Details CVE-2001-1242
Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 89.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0287.html
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0349.html
- http://www.iss.net/security_center/static/6846.php
- http://www.midwinter.com/~koreth/uncgi-changes.html
- http://www.securityfocus.com/bid/3056
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0287.html
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0349.html
- http://www.iss.net/security_center/static/6846.php
- http://www.midwinter.com/~koreth/uncgi-changes.html
- http://www.securityfocus.com/bid/3056
Products affected by CVE-2001-1242
-
cpe:2.3:a:steve_grimm:un-cgi:1.0
-
cpe:2.3:a:steve_grimm:un-cgi:1.1
-
cpe:2.3:a:steve_grimm:un-cgi:1.2
-
cpe:2.3:a:steve_grimm:un-cgi:1.3
-
cpe:2.3:a:steve_grimm:un-cgi:1.4
-
cpe:2.3:a:steve_grimm:un-cgi:1.5
-
cpe:2.3:a:steve_grimm:un-cgi:1.6
-
cpe:2.3:a:steve_grimm:un-cgi:1.6.1
-
cpe:2.3:a:steve_grimm:un-cgi:1.6.2
-
cpe:2.3:a:steve_grimm:un-cgi:1.7
-
cpe:2.3:a:steve_grimm:un-cgi:1.8
-
cpe:2.3:a:steve_grimm:un-cgi:1.9