CVE-2011-1589

CVSS V2 Medium 5 CVSS V3 None
Description
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
Overview
  • CVE ID
  • CVE-2011-1589
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2011-04-29T22:55:02
  • Last Modified Date
  • 2017-08-17T01:34:16
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999926:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999927:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999928:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999929:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999930:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999931:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999932:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999933:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999934:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999935:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999936:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999937:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999938:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999939:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999940:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999941:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:0.999950:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:mojolicious:mojolicious:1.15:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 08:54:46 Added to TrackCVE