CVE-2007-1896

Properties

Published:
08.04.2007
Updated:
17.10.2017
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Product:
sky_gunning: myspeach
sky_gunning: myspeach
sky_gunning: myspeach
sky_gunning: myspeach

Vulnerability description

Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.

References:

VUPEN: http://www.vupen.com/english/advisories/2007/1261
EXPLOIT-DB: https://www.exploit-db.com/exploits/3657