GNU GNUMP3D 2.9.2

CPE Details

GNU GNUMP3D 2.9.2
gnu
gnump3d
2.9.2
2007-08-23
19h16 +00:00
2007-09-14
15h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:gnump3d:2.9.2:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

gnump3d

Version

2.9.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-3697 2020-01-24 12h10 +00:00 UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions.
7.8
High
CVE-2005-3349 2005-11-18 21h00 +00:00 GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
1.9
CVE-2005-3355 2005-11-18 21h00 +00:00 Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".
6.4
CVE-2005-3424 2005-11-01 21h00 +00:00 Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
4.3
CVE-2005-3425 2005-11-01 21h00 +00:00 Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.
4.3
CVE-2005-3123 2005-10-30 19h00 +00:00 Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
5