CVE-1999-1051

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 16/11/1999 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote malicious users to read arbitrary files via the reply_message_attach attachment parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
matt wright formhandler.cgi 3.0
matt wright formhandler.cgi 2.0
matt wright formhandler.cgi 1.0

NVD-CWE-Other http://www.securityfocus.com/archive/1/34939 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-1051

Vulnerability Summary

References

Vulmon Search

About

Products

Connect