CVE-2006-1340 — MEDIUM (5.0)

Q: What is CVE-2006-1340?

CVE-2006-1340 is a vulnerability with a CVSS score of 5.0 (MEDIUM). CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path via unspecified vectors involving an invalid file path.

Q: How severe is CVE-2006-1340?

CVE-2006-1340 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-1340?

Check the references section above for vendor advisories and patch information. Affected products include: Cutephp Cutenews.

Vulnerability Description

CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path via unspecified vectors involving an invalid file path.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cutephp	Cutenews	<= 1.4.1

References

http://hamid.ir/security/cutenews.txtExploit
http://secunia.com/advisories/19289ExploitVendor Advisory
http://www.securityfocus.com/archive/1/428434/100/0/threaded
http://www.securityfocus.com/bid/17152Exploit
http://hamid.ir/security/cutenews.txtExploit
http://secunia.com/advisories/19289ExploitVendor Advisory
http://www.securityfocus.com/archive/1/428434/100/0/threaded
http://www.securityfocus.com/bid/17152Exploit

FAQ

What is CVE-2006-1340?

CVE-2006-1340 is a vulnerability with a CVSS score of 5.0 (MEDIUM). CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path via unspecified vectors involving an invalid file path.

How severe is CVE-2006-1340?

CVE-2006-1340 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1340?

Check the references section above for vendor advisories and patch information. Affected products include: Cutephp Cutenews.