Vulnerability Details CVE-2005-1994
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=111877410528692&w=2
- http://secunia.com/advisories/15711
- http://www.osvdb.org/17324
- http://www.vupen.com/english/advisories/2005/0778
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21010
- http://marc.info/?l=bugtraq&m=111877410528692&w=2
- http://secunia.com/advisories/15711
- http://www.osvdb.org/17324
- http://www.vupen.com/english/advisories/2005/0778
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21010
Products affected by CVE-2005-1994
-
cpe:2.3:a:finjan_software:surfingate:7.0_sp2
-
cpe:2.3:a:finjan_software:surfingate:7.0_sp3