Published: 20/09/2015 Updated: 23/09/2015
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in H2O prior to 1.4.5 and 1.5.x prior to 1.5.0-beta2, when the file.dir directive is enabled, allows remote malicious users to read arbitrary files via a crafted URL.

Vulnerable Product Search on Vulmon Subscribe to Product

dena h20