CVE-2008-2432

critical

Description

Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument.

References

http://www.securityfocus.com/bid/30813

http://secunia.com/secunia_research/2008-30/advisory/

http://secunia.com/advisories/30667

Details

Source: Mitre, NVD

Published: 2008-11-26

Updated: 2008-11-26

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

Detections

Analytics