Vulnerability Description
Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. (dot dot) in the url parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Saxotech | Saxopress | All versions |
References
- http://secunia.com/advisories/19566Vendor Advisory
- http://www.securityfocus.com/archive/1/430707/100/0/threaded
- http://www.securityfocus.com/archive/1/431037/30/5580/threaded
- http://www.securityfocus.com/bid/17474Exploit
- http://www.vupen.com/english/advisories/2006/1327
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25768
- http://secunia.com/advisories/19566Vendor Advisory
- http://www.securityfocus.com/archive/1/430707/100/0/threaded
- http://www.securityfocus.com/archive/1/431037/30/5580/threaded
- http://www.securityfocus.com/bid/17474Exploit
- http://www.vupen.com/english/advisories/2006/1327
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25768
FAQ
What is CVE-2006-1771?
CVE-2006-1771 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary prog...
How severe is CVE-2006-1771?
CVE-2006-1771 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1771?
Check the references section above for vendor advisories and patch information. Affected products include: Saxotech Saxopress.