Required CVE Record Information
Description
Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticated attackers to overwrite arbitrary files (1) on a server during an update or (2) on a client via modified pathnames, possibly due to a directory traversal issue.
References 8 Total
- http://www.kb.cert.org/vuls/id/WDON-6QAPC5
- secunia.com: 20378 third-party-advisory
- vupen.com: ADV-2006-2069 vdb-entry
- exchange.xforce.ibmcloud.com: c5emv-client-pathname-file-overwrite(26771) vdb-entry
- securitytracker.com: 1016184 vdb-entry
- http://www.kb.cert.org/vuls/id/WDON-6QAJFA
- kb.cert.org: VU#764025 third-party-advisory
- kb.cert.org: VU#912217 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 8 Total
- http://www.kb.cert.org/vuls/id/WDON-6QAPC5 x_transferred
- secunia.com: 20378 third-party-advisoryx_transferred
- vupen.com: ADV-2006-2069 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: c5emv-client-pathname-file-overwrite(26771) vdb-entryx_transferred
- securitytracker.com: 1016184 vdb-entryx_transferred
- http://www.kb.cert.org/vuls/id/WDON-6QAJFA x_transferred
- kb.cert.org: VU#764025 third-party-advisoryx_transferred
- kb.cert.org: VU#912217 third-party-advisoryx_transferred