NVD

Id
59598  
Name
CVE-2006-0869  
Description
Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary files with short pathnames or possibly read arbitrary files, via a .. (dot dot) in the store_id value of a cookie.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-02-23  
Modified Date
2011-03-07  
Seq
2006-0869  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
306529 59598 CVE-2006-0869 http://pear.php.net/package/LiveUser/download/  View
306530 59598 CVE-2006-0869 466  View
306531 59598 CVE-2006-0869 1015659  View
306532 59598 CVE-2006-0869 http://www.gulftech.org/?node=research&article_id=00103-02212006  View
306533 59598 CVE-2006-0869 20060221 PEAR LiveUser File Access Vulnerabilities  View
306534 59598 CVE-2006-0869 16761  View
306535 59598 CVE-2006-0869 ADV-2006-0697  View
306536 59598 CVE-2006-0869 liveuser-liveuser-file-access(24852)  View
306537 59598 CVE-2006-0869 liveuser-liveuser-file-deletion(24853)  View

Related JVN