CVE

Id
50436  
CVE No.
CVE-2011-2524  
Status
Candidate  
Description
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.  
Phase
Assigned (20110615)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
545307 50436 CVE-2011-2524 MISC:https://bugzilla.gnome.org/show_bug.cgi?id=653258  View
545308 50436 CVE-2011-2524 CONFIRM:http://git.gnome.org/browse/libsoup/tree/NEWS  View
545309 50436 CVE-2011-2524 DEBIAN:DSA-2369  View
545310 50436 CVE-2011-2524 URL:http://www.debian.org/security/2011/dsa-2369  View
545311 50436 CVE-2011-2524 FEDORA:FEDORA-2011-9763  View
545312 50436 CVE-2011-2524 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063431.html  View
545313 50436 CVE-2011-2524 REDHAT:RHSA-2011:1102  View
545314 50436 CVE-2011-2524 URL:http://www.redhat.com/support/errata/RHSA-2011-1102.html  View
545315 50436 CVE-2011-2524 UBUNTU:USN-1181-1  View
545316 50436 CVE-2011-2524 URL:http://www.ubuntu.com/usn/USN-1181-1  View
545317 50436 CVE-2011-2524 SECTRACK:1025864  View
545318 50436 CVE-2011-2524 URL:http://www.securitytracker.com/id?1025864  View
545319 50436 CVE-2011-2524 SECUNIA:47299  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
34487 JVNDB-2011-004729 Asterisk Open Source の SIP チャンネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 Asterisk Open Source の SIP チャンネルドライバの chan_sip.c は、SIP パケットの「 」 文字を適切に処理しないため、サービス運用妨害 (メモリ破損) 状態となる脆弱性が存在します。 CVE-2011-2529 50436 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004729.html  View