CVE-2011-0329

high

Description

Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter.

References

http://www.securitytracker.com/id?1025094

http://www.securityfocus.com/bid/46443

http://secunia.com/secunia_research/2011-10/

http://secunia.com/advisories/42880

Details

Source: Mitre, NVD

Published: 2011-02-21

Updated: 2011-03-18

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

Detections

Analytics