CVE-2011-2524

Currently unrated

Key Information:

Vendor: Gnome
Status: Libsoup
Vendor: CVE Published:; 31 August 2011

Summary

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.

References

http://secunia.com/advisories/47299

third-party-advisoryx_refsource_SECUNIA

http://git.gnome.org/browse/libsoup/tree/NEWS

x_refsource_CONFIRM

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

Timeline

Vulnerability published
Aug 31, 2011
Vulnerability Reserved
Jun 15, 2011