Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
Link | Resource |
---|---|
http://osvdb.org/55926 | |
http://secunia.com/advisories/35646 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/51776 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-07-20T19:25:00
Updated: 2017-08-16T14:57:01
Reserved: 2009-07-20T00:00:00
Link: CVE-2009-2546
JSON object: View
NVD Information
Status : Modified
Published: 2009-07-20T20:00:11.717
Modified: 2017-08-17T01:30:48.163
Link: CVE-2009-2546
JSON object: View
Redhat Information
No data.
CWE