CVE-2005-3123

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnump3d
Vendor: CVE Published:; 30 October 2005

Summary

Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.

References

http://www.novell.com/linux/security/advisories/2005_28_s...

vendor-advisoryx_refsource_SUSE

http://www.osvdb.org/20360

vdb-entryx_refsource_OSVDB

http://securityreason.com/securityalert/127

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Oct 30, 2005
Vulnerability Reserved
Oct 3, 2005