ID CVE-2006-2692
Summary Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal. Successful exploitation requires that the full pathname of the file is known. This vulnerability is addressed in the following product release: aMule, aMule, 2.1.2
References
Vulnerable Configurations
  • cpe:2.3:a:amule:amule:*:*:*:*:*:*:*:*
    cpe:2.3:a:amule:amule:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-09-2008 - 21:05)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 18145
confirm http://www.amule.org/wiki/index.php/Changelog_2.1.2
sectrack 1016188
secunia 20351
Last major update 05-09-2008 - 21:05
Published 31-05-2006 - 10:06
Back to Top