CVE-2005-3820

critical

Description

Multiple directory traversal vulnerabilities in index.php in vTiger CRM 4.2 and earlier allow remote attackers to read or include arbitrary files, an ultimately execute arbitrary PHP code, via .. (dot dot) and null byte ("%00") sequences in the (1) module parameter and (2) action parameter in the Leads module, as also demonstrated by injecting PHP code into log messages and accessing the log file.

References

http://www.vupen.com/english/advisories/2005/2569

http://www.securityfocus.com/bid/15569

http://www.securityfocus.com/archive/1/417730/30/0/threaded

http://www.securityfocus.com/archive/1/417711/30/0/threaded

http://www.hardened-php.net/advisory_232005.105.html

http://securitytracker.com/id?1015274

http://securitytracker.com/id?1015271

http://secunia.com/advisories/17693

http://marc.info/?l=full-disclosure&m=113290708121951&w=2

Details

Source: Mitre, NVD

Published: 2005-11-26

Updated: 2018-10-19

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical