Vulnerability Description
Directory traversal vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to read arbitrary files via an HTTP request with ".." (dot-dot) sequences containing URL-encoded forward slash ("%2F") characters.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Radiobird Software | Webserver 4 All | 1.23 |
References
- http://www.idefense.com/application/poi/display?id=49&type=vulnerabilities&flash
- http://www.iss.net/security_center/static/10373.phpVendor Advisory
- http://www.securityfocus.com/bid/5968
- http://www.idefense.com/application/poi/display?id=49&type=vulnerabilities&flash
- http://www.iss.net/security_center/static/10373.phpVendor Advisory
- http://www.securityfocus.com/bid/5968
FAQ
What is CVE-2002-1213?
CVE-2002-1213 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to read arbitrary files via an HTTP request with ".....
How severe is CVE-2002-1213?
CVE-2002-1213 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1213?
Check the references section above for vendor advisories and patch information. Affected products include: Radiobird Software Webserver 4 All.