Skip to main content

View CVE-2012-5978

MEDIUM
Path Traversal (CWE-22)
2012-12-19 cve@mitre.org
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:P/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Dec 19, 2012 - 11:56 cve.org
MEDIUM 5.0

DescriptionCVE.org

Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.

AnalysisAI

Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors. Affected products include: Vmware View. Version information: before 4.6.2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.

More in View

View all
CVE-2013-1406 HIGH POC
7.2 Feb 11

The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and

CVE-2012-1666 MEDIUM POC
6.9 Sep 08

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMwa

CVE-2022-42901 HIGH
7.8 Oct 13

Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds and stack overflow issues when

CVE-2022-42900 HIGH
7.8 Oct 13

Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read issues when opening craft

CVE-2022-42899 HIGH
7.8 Oct 13

Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues

CVE-2012-1510 HIGH
7.2 Mar 16

Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View bef

CVE-2012-1509 HIGH
7.2 Mar 16

Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges

CVE-2012-1508 HIGH
7.2 Mar 16

The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows gu

CVE-2012-1511 MEDIUM
4.3 Mar 16

Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to i

CVE-2022-35906 LOW
3.3 Jul 15

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Rated low severity (

CVE-2022-35905 LOW
3.3 Jul 15

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Rated low severity (

CVE-2022-35904 LOW
3.3 Jul 15

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Rated low severity (

Share

CVE-2012-5978 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy