CVE Vulnerability

CVE-2008-2432

Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://secunia.com/advisories/30667 Vendor Advisory
http://secunia.com/secunia_research/2008-30/advisory/ Vendor Advisory
http://www.securityfocus.com/bid/30813
Configurations

Configuration 1

cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:*:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*
cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*
Information

Published : 2008-11-26 01:30

Updated : 2008-11-26 05:00

NVD link : CVE-2008-2432

Mitre link : CVE-2008-2432

Products Affected
No products.
CWE
CWE-200