Required CVE Record Information
Description
Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
References 5 Total
- vupen.com: ADV-2006-3524 vdb-entry
- securityfocus.com: 19907 vdb-entry
- securitytracker.com: 1016805 vdb-entry
- secunia.com: 21829 third-party-advisory
- http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2006-4294
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- vupen.com: ADV-2006-3524 vdb-entryx_transferred
- securityfocus.com: 19907 vdb-entryx_transferred
- securitytracker.com: 1016805 vdb-entryx_transferred
- secunia.com: 21829 third-party-advisoryx_transferred
- http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2006-4294 x_transferred