Detections
Analytics

CVE-2006-5750

high

Description

Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager.

References

https://secure-support.novell.com/KanisaPlatform/Publishing/719/3024921_f.SAL_Public.html

http://www.vupen.com/english/advisories/2008/1155/references

http://www.vupen.com/english/advisories/2007/0554

http://www.vupen.com/english/advisories/2006/4726

http://www.vupen.com/english/advisories/2006/4724

http://www.securityfocus.com/bid/21219

http://www.securityfocus.com/archive/1/452862/100/100/threaded

http://www.securityfocus.com/archive/1/452830/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2006-0743.html

http://www.osvdb.org/30767

http://www.novell.com/linux/security/advisories/2007_02_sr.html

http://securitytracker.com/id?1017289

http://secunia.com/advisories/29726

http://secunia.com/advisories/24104

http://secunia.com/advisories/23984

http://secunia.com/advisories/23095

http://jira.jboss.com/jira/browse/JBAS-3861

http://jira.jboss.com/jira/browse/ASPATCH-126

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01390402

Details

Source: Mitre, NVD

Published: 2006-11-27

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High