CVE-2006-0971 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-0971
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0971

Description: Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24930 ST 1015686 SREASON http://securityreason.com/securityalert/506 SAID Secunia Advisory: SA19053 OSVDB 23519 MISC http://www3.autistici.org/fdonato/advisory/DirectContact0.3b-adv.txt FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042560.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/427464/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/426250/100/0/threaded BID 16849

Return to the previous page.