CVE-2002-0266

{"id": "CVE-2002-0266", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-05-29T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=101301228031165&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=101346478229431&w=2", "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/8103.php", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4035", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname."}, {"lang": "es", "value": "El script CGI Thunderstone Texis permite que atacantes remotos obtengan el path absoluto del web mediante una petici\u00f3n de fichero inexistente. Esto genera un mensaje de error que contiene el path completo."}], "lastModified": "2016-10-18T02:17:57.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:thunderstone_software:texis:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E20DF06-1C75-444B-8312-9D6A010ED131"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}