Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2013-5648

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.5%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2013-5648
  • Id » Id-Software » Version: 3.7
    cpe:2.3:a:id:id-software:3.7
  • Id » Id-Software » Version: 3.7.1
    cpe:2.3:a:id:id-software:3.7.1
  • Id » Libdigidoc » Version: 3.6.0.0
    cpe:2.3:a:id:libdigidoc:3.6.0.0


Contact Us

Shodan ® - All rights reserved