{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-28T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-01-19T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "47299", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47299"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.gnome.org/browse/libsoup/tree/NEWS"}, {"name": "FEDORA-2011-9763", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063431.html"}, {"name": "RHSA-2011:1102", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1102.html"}, {"name": "1025864", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025864"}, {"name": "DSA-2369", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2369"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=653258"}, {"name": "USN-1181-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1181-1"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2524", "datePublished": "2011-08-31T23:00:00", "dateReserved": "2011-06-15T00:00:00", "dateUpdated": "2012-01-19T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C5DD5AB-8CB2-4B2E-AE93-3754085845ED", "versionEndIncluding": "2.35.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "99EFB489-06D8-402D-8470-38551BCB2FC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B1C82429-BB29-49E7-ADFA-EED16ED7AFC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9B9D7017-F606-4466-8F9A-817C6862AD95", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3619C616-7DAB-4035-9D23-2F2336954DBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E672080A-06D2-4C2C-B3D1-BE679D5649BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B1B4616-3889-41B6-870F-37DC78A153FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2E1E613A-B333-4E96-90BA-A2AD4363DEB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8EEDB4A8-5593-47C3-92F3-F91476C0D4F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "FD001D38-16AB-4AFB-9DC6-F7A340436E2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D5398E1-3FB1-4BEA-9278-F9C041A34BD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "C03F3575-9B90-419C-A5A5-5535F537F096", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.91:*:*:*:*:*:*:*", "matchCriteriaId": "467EDDA7-DA81-4DC5-815F-9D1B394CB02F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.92:*:*:*:*:*:*:*", "matchCriteriaId": "63FE3D88-0596-479B-8E38-E47C7FA04397", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.93:*:*:*:*:*:*:*", "matchCriteriaId": "BF7DEA94-7E9C-457B-B095-66CC23E9681F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.94:*:*:*:*:*:*:*", "matchCriteriaId": "0F806A86-1250-49EE-992A-09574191D087", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.95.1:*:*:*:*:*:*:*", "matchCriteriaId": "E72DA717-D352-4DCB-BBF9-231284B945F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.96:*:*:*:*:*:*:*", "matchCriteriaId": "19FD71C4-0D7E-4E32-ABFB-35D2943AFC5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.97:*:*:*:*:*:*:*", "matchCriteriaId": "3AE675A3-B03B-4417-8671-F289604C2291", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.98:*:*:*:*:*:*:*", "matchCriteriaId": "5AE3AD41-FAEA-41CE-8317-89E76BE9FE68", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.99:*:*:*:*:*:*:*", "matchCriteriaId": "0DD23A95-C65E-4C2E-BAAC-0D8364A1DBF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.100:*:*:*:*:*:*:*", "matchCriteriaId": "969CB6C0-AD9B-4F48-B77A-0BE3F56B0B22", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.101:*:*:*:*:*:*:*", "matchCriteriaId": "95B2D824-7560-4779-A844-07D86C2CCAAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.102:*:*:*:*:*:*:*", "matchCriteriaId": "EBCC06A9-A79D-4CB2-ADCD-AC1987E2790B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.103:*:*:*:*:*:*:*", "matchCriteriaId": "25DE1614-7F35-4484-BE88-F9C4D9935EC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.2.104:*:*:*:*:*:*:*", "matchCriteriaId": "1756B5C1-18E1-4C6D-89AD-17432B29EBB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "22EA54CB-F7C9-4B17-9118-BA335B9E8D46", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0C43A424-B38A-4819-AFC3-3532C447DF9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C994C81-6B80-47E8-AD70-B2DC7BF12209", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC08FAE6-B41F-41B8-B819-F582DBEA918A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D6E08FA-E647-42B7-A033-806DAC1F4951", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "2752C2FA-7627-4488-88A5-5E6F76FC8F3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.23.6:*:*:*:*:*:*:*", "matchCriteriaId": "1F4AE3DE-5379-47A0-9BDC-AB49323F85C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.23.91:*:*:*:*:*:*:*", "matchCriteriaId": "896575A0-8B7B-43BE-A653-0BEF54E3049B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.23.92:*:*:*:*:*:*:*", "matchCriteriaId": "A02CCE6B-C774-4D9C-AD88-69D24651E1F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.24.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "9299BB6F-DF57-427C-A0D0-7F872810420B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "BEB94071-AB85-412E-A31B-29FD8189484D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.25.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BC56735-58B1-4780-ABA9-32501C24B56F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.25.3:*:*:*:*:*:*:*", "matchCriteriaId": "72B7C474-9C79-4C1F-B0A3-A5780F87379A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.25.4:*:*:*:*:*:*:*", "matchCriteriaId": "BF3B6CBD-5F44-4FC6-83B7-41134055D1AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.25.5:*:*:*:*:*:*:*", "matchCriteriaId": "832089BA-670E-40E1-A812-164F13FE29C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.25.91:*:*:*:*:*:*:*", "matchCriteriaId": "6C76B162-8BCC-43A9-A00B-BEDC16F02C2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.26.0:*:*:*:*:*:*:*", "matchCriteriaId": "42B5A587-2F23-42CB-BE0F-1F5A4E96AD06", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.26.1:*:*:*:*:*:*:*", "matchCriteriaId": "C713940D-24D7-429F-B961-E3E1651F30C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C537C96-A138-4D5D-A657-E04D3E2B04AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.2:*:*:*:*:*:*:*", "matchCriteriaId": "6C5EFE4E-ED20-4CB2-B0DE-D7A726F26221", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.4:*:*:*:*:*:*:*", "matchCriteriaId": "99340F6B-F033-497F-AD66-655504495CBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.5:*:*:*:*:*:*:*", "matchCriteriaId": "7DFE407F-7F02-4E08-9242-41E51A436F1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.90:*:*:*:*:*:*:*", "matchCriteriaId": "A838EB16-BC34-4747-84E6-FD31718BC708", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.91:*:*:*:*:*:*:*", "matchCriteriaId": "EB6F6369-34FD-47D2-A829-BB36CBAAA99A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.27.92:*:*:*:*:*:*:*", "matchCriteriaId": "054A96BA-6584-4D6B-AEB5-FE12209E5C69", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.28.0:*:*:*:*:*:*:*", "matchCriteriaId": "0FAB459F-29F5-4AD9-95F4-95F5D05FE91B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FFD7530-6548-4A91-9A0A-F80429368E4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.29.3:*:*:*:*:*:*:*", "matchCriteriaId": "0B48661A-D82E-49D7-917C-3D6A3A7CE116", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.29.5:*:*:*:*:*:*:*", "matchCriteriaId": "BA0FA486-3657-48DC-9E10-11EE8A1458B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.29.6:*:*:*:*:*:*:*", "matchCriteriaId": "15F7CFA6-628D-4CF5-93EB-55519CF955EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.29.90:*:*:*:*:*:*:*", "matchCriteriaId": "5D1878C5-80C7-4DC2-987C-1BC52E63A8C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.29.91:*:*:*:*:*:*:*", "matchCriteriaId": "7D7E6439-AC14-4D45-BC73-C0BF7E79BE9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.30.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2E158D5-987A-4F93-82A0-CF74527CA210", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.30.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE0D94D2-D74A-448F-9DF5-4B4C23138E0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.31.2:*:*:*:*:*:*:*", "matchCriteriaId": "0D363498-6F1D-4EEF-853D-905F1D95E62D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.31.6:*:*:*:*:*:*:*", "matchCriteriaId": "981AF805-9646-4913-B274-1969AFACC734", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.31.90:*:*:*:*:*:*:*", "matchCriteriaId": "C1197161-E084-4485-BA72-B60C07469680", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.31.92:*:*:*:*:*:*:*", "matchCriteriaId": "F9E91156-537E-4885-87C2-EC4BA8C2B306", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.32.0:*:*:*:*:*:*:*", "matchCriteriaId": "9130A56A-2995-455A-8A51-1A0A85F3D38E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.32.1:*:*:*:*:*:*:*", "matchCriteriaId": "F3A81CD2-1192-4F9E-8BF4-BF86445E11AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.32.2:*:*:*:*:*:*:*", "matchCriteriaId": "92398648-8754-4130-BA90-A54838AFA159", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.33.4:*:*:*:*:*:*:*", "matchCriteriaId": "C536F346-4B27-4A53-A942-68531D9991A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.33.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F602177-543B-4A42-92C1-53F1573518FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.33.6:*:*:*:*:*:*:*", "matchCriteriaId": "8011A42F-B7EF-44F2-BE9A-E2543EB1C808", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.33.90:*:*:*:*:*:*:*", "matchCriteriaId": "EC3501F1-B153-4870-A7A4-741ACA848656", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.33.92:*:*:*:*:*:*:*", "matchCriteriaId": "398B638B-9879-403D-9F55-59FCC8CE3F31", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.34.0:*:*:*:*:*:*:*", "matchCriteriaId": "A16CBF8D-7411-4E16-81B0-47696F036C35", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:libsoup:2.34.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AC22BA2-D63A-48F8-BF0F-90D664EA6856", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI."}, {"lang": "es", "value": "Una vulnerabilidad de salto de directorio en la soup-uri.c en SoupServer en libsoup antes de v2.35.4 permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de un %2e%2e (punto punto) en la URI."}], "id": "CVE-2011-2524", "lastModified": "2012-02-02T04:06:16.863", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-08-31T23:55:02.957", "references": [{"source": "secalert@redhat.com", "url": "http://git.gnome.org/browse/libsoup/tree/NEWS"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063431.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/47299"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2369"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1102.html"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1025864"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1181-1"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=653258"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}