CVE-2008-2432

EPSS 0.86%
Published 26.11.2008 01:30:00
Last modified 09.04.2025 00:30:58
Source PSIRT-CNA@flexerasoftware.com
Teams watchlist Login
Open Login

Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Novell ≫ Iprint Version <= 5.04

Novell ≫ Iprint Version4.26

Novell ≫ Iprint Version4.27

Novell ≫ Iprint Version4.28

Novell ≫ Iprint Version4.30

Novell ≫ Iprint Version4.32

Novell ≫ Iprint Version4.34

Novell ≫ Iprint Version4.36

Novell ≫ Iprint Version4.38

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.86%	0.729

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://secunia.com/advisories/30667

Vendor Advisory

http://www.securityfocus.com/bid/30813

http://secunia.com/secunia_research/2008-30/advisory/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2008-2432

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2432

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2432

EUVD