Directory Traversal Vulnerability in BitDefender Update Server Products
CVE-2008-0396

Currently unrated

Key Information:

Vendor: Bitdefender
Status: Update Server
Vendor: CVE Published:; 23 January 2008

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2008-0396?

A directory traversal vulnerability exists in the BitDefender Update Server's http.exe component. This flaw allows remote attackers to exploit the server by manipulating HTTP requests to traverse directories using '..' sequences. As a result, attackers can gain unauthorized access to arbitrary files on the server, potentially exposing sensitive data. This issue affects various BitDefender products, including Security for Fileservers and Enterprise Manager (BDEM), posing significant risks to system security.

References

http://www.securityfocus.com/bid/27358

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/486701/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/39802

vdb-entryx_refsource_XF

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 23, 2008
Vulnerability Reserved
Jan 22, 2008