A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.
References
Link | Resource |
---|---|
https://github.com/grymer/CVE/blob/master/CVE-2018-16716.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-02T19:19:48
Updated: 2019-05-02T19:19:48
Reserved: 2018-09-08T00:00:00
Link: CVE-2018-16716
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-05-02T20:29:00.307
Modified: 2019-05-03T19:07:29.857
Link: CVE-2018-16716
JSON object: View
Redhat Information
No data.
CWE