CVE-2005-3484

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://aluigi.altervista.org/adv/neronet-adv.txt", "name": "http://aluigi.altervista.org/adv/neronet-adv.txt", "tags": ["Exploit", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/15288", "name": "15288", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/17421", "name": "17421", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2005/2287", "name": "ADV-2005-2287", "tags": [], "refsource": "VUPEN"}, {"url": "http://marc.info/?l=full-disclosure&m=113096009930152&w=2", "name": "20051102 Limited directory traversal in NeroNET 1.2.0.2", "tags": [], "refsource": "FULLDISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via \"..\" and hex-encoded (1) slash \"/\" (\"%2f\") or (2) backslash \"\\\" (\"%5c\") sequences."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-3484", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-11-03T22:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:nero:neronet:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.2.0.2"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-10-18T03:35Z"}