Published: 12/11/1999 Updated: 19/12/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote malicious users to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.

Vulnerable Product	Search on Vulmon	Subscribe to Product
matt wright formhandler.cgi 3.0
matt wright formhandler.cgi 2.0
matt wright formhandler.cgi 1.0

source: wwwsecurityfocuscom/bid/799/info Any file that the FormHandlercgi has read access to (the cgi is typically run as user 'nobody' on Unix systems) can be specified as an attachment in a reply email This could allow an attacker to gain access to sensitive files such as /etc/passwd simply by modifying the form document @ALLOWED_A ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/34939 http://www.securityfocus.com/bid/798 http://www.securityfocus.com/bid/799 http://www.securityfocus.com/archive/1/34600 https://exchange.xforce.ibmcloud.com/vulnerabilities/3550 https://nvd.nist.gov https://www.exploit-db.com/exploits/19620/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-1050

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect