CVE-2005-3484

Published: Nov 3, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences.

Affected (1)

Products: Nero: Neronet

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nero Neronet	Up to 1.2.0.2

References (10)

http://aluigi.altervista.org/adv/neronet-adv.txt

Source: cve@mitre.org

ExploitVendor Advisory

http://marc.info/?l=full-disclosure&m=113096009930152&w=2

Source: cve@mitre.org

http://secunia.com/advisories/17421

Source: cve@mitre.org

http://www.securityfocus.com/bid/15288

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2287

Source: cve@mitre.org

http://aluigi.altervista.org/adv/neronet-adv.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://marc.info/?l=full-disclosure&m=113096009930152&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17421

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15288

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/2287

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.