CVE-2006-1323

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-1323
Directory traversal vulnerability in WinHKI 1.6 and earlier allows user-assisted attackers to overwrite arbitrary files via a (1) RAR, (2) TAR, (3) ZIP, or (4) TAR.GZ archive with a file whose file name contains ".." sequences.

5.1 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://hamid.ir/security/winhki.txt
http://secunia.com/advisories/19296 Vendor Advisory
http://www.securityfocus.com/archive/1/428433/100/0/threaded
http://www.securityfocus.com/bid/17153
http://www.vupen.com/english/advisories/2006/1010
https://exchange.xforce.ibmcloud.com/vulnerabilities/25335
http://hamid.ir/security/winhki.txt
http://secunia.com/advisories/19296 Vendor Advisory
http://www.securityfocus.com/archive/1/428433/100/0/threaded
http://www.securityfocus.com/bid/17153
http://www.vupen.com/english/advisories/2006/1010
https://exchange.xforce.ibmcloud.com/vulnerabilities/25335
Configurations

Configuration 1 (hide)

cpe:2.3:a:webtoolmaster_software:winhki:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:08

Type Values Removed Values Added
References () http://hamid.ir/security/winhki.txt - () http://hamid.ir/security/winhki.txt -
References () http://secunia.com/advisories/19296 - Vendor Advisory () http://secunia.com/advisories/19296 - Vendor Advisory
References () http://www.securityfocus.com/archive/1/428433/100/0/threaded - () http://www.securityfocus.com/archive/1/428433/100/0/threaded -
References () http://www.securityfocus.com/bid/17153 - () http://www.securityfocus.com/bid/17153 -
References () http://www.vupen.com/english/advisories/2006/1010 - () http://www.vupen.com/english/advisories/2006/1010 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25335 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25335 -
Information

Published : 2006-03-20 22:02

Updated : 2024-11-21 00:08

NVD link : CVE-2006-1323

Mitre link : CVE-2006-1323

CVE.ORG link : CVE-2006-1323

JSON object : View

Products Affected

webtoolmaster_software

  • winhki
CWE
NVD-CWE-Other