CVE-2006-3488

{"id": "CVE-2006-3488", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-10T22:05:00.000", "references": [{"url": "http://securitytracker.com/id?1016421", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim."}, {"lang": "es", "value": "Vulnerabilidad de salto de ruta absoluto en administrador.asp in VirtuaStore 2.0 permite a atacantes remotos posiblemente leer directorios o archivos de su elecci\u00f3n a trav\u00e9s de una ruta absoluta con una letra de dispositivo de Windows en el par\u00e1metro Pasta cuando link=util, acao=ftp y acaba=sim."}], "lastModified": "2008-09-05T21:07:16.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:virtuastore:virtuastore:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "506E6135-7767-4611-BCE8-7AD6FB977318"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}