CVE-2007-5685 in shttpinfo

Summary

The safe_path function in shttp before 0.0.5 allows remote attackers to conduct directory traversal attacks and read files via a combination of ".." and sub-directory specifiers that resolve to a pathname that is at or below the same level as the web document root, but in a different part of the directory tree.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

10/28/2007

Disclosure

10/28/2007

Moderation

VulDB entry created

Entries

1: VDB-39435

CPE

ready

CWE

CWE-22 (Confirmed)

Exploit

Download

CVSS

5.3

EPSS

0.06650

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-5685
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-5685
CVE Details	https://www.cvedetails.com/cve/CVE-2007-5685/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!