{"api_version":"1","generated_at":"2026-06-03T06:08:34+00:00","cve":"CVE-2005-3484","urls":{"html":"https://cve.report/CVE-2005-3484","api":"https://cve.report/api/cve/CVE-2005-3484.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-3484","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-3484"},"summary":{"title":"CVE-2005-3484","description":"Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via \"..\" and hex-encoded (1) slash \"/\" (\"%2f\") or (2) backslash \"\\\" (\"%5c\") sequences.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-11-03 22:02:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://aluigi.altervista.org/adv/neronet-adv.txt","name":"http://aluigi.altervista.org/adv/neronet-adv.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/15288","name":"http://www.securityfocus.com/bid/15288","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"NeroNet Limited Directory Traversal Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2005/2287","name":"http://www.vupen.com/english/advisories/2005/2287","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=full-disclosure&m=113096009930152&w=2","name":"http://marc.info/?l=full-disclosure&m=113096009930152&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'[Full-disclosure] Limited directory traversal in NeroNET 1.2.0.2' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17421","name":"http://secunia.com/advisories/17421","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"NeroNET Directory Traversal Vulnerability - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-3484","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3484","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"3484","vulnerable":"1","versionEndIncluding":"1.2.0.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nero","cpe5":"neronet","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T23:17:22.374Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20051102 Limited directory traversal in NeroNET 1.2.0.2","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://marc.info/?l=full-disclosure&m=113096009930152&w=2"},{"name":"15288","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/15288"},{"name":"17421","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17421"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://aluigi.altervista.org/adv/neronet-adv.txt"},{"name":"ADV-2005-2287","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2287"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-11-02T00:00:00.000Z","descriptions":[{"lang":"en","value":"Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via \"..\" and hex-encoded (1) slash \"/\" (\"%2f\") or (2) backslash \"\\\" (\"%5c\") sequences."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-10-17T13:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20051102 Limited directory traversal in NeroNET 1.2.0.2","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://marc.info/?l=full-disclosure&m=113096009930152&w=2"},{"name":"15288","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/15288"},{"name":"17421","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17421"},{"tags":["x_refsource_MISC"],"url":"http://aluigi.altervista.org/adv/neronet-adv.txt"},{"name":"ADV-2005-2287","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2287"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-3484","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via \"..\" and hex-encoded (1) slash \"/\" (\"%2f\") or (2) backslash \"\\\" (\"%5c\") sequences."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20051102 Limited directory traversal in NeroNET 1.2.0.2","refsource":"FULLDISC","url":"http://marc.info/?l=full-disclosure&m=113096009930152&w=2"},{"name":"15288","refsource":"BID","url":"http://www.securityfocus.com/bid/15288"},{"name":"17421","refsource":"SECUNIA","url":"http://secunia.com/advisories/17421"},{"name":"http://aluigi.altervista.org/adv/neronet-adv.txt","refsource":"MISC","url":"http://aluigi.altervista.org/adv/neronet-adv.txt"},{"name":"ADV-2005-2287","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2287"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-3484","datePublished":"2005-11-03T22:00:00.000Z","dateReserved":"2005-11-03T00:00:00.000Z","dateUpdated":"2024-08-07T23:17:22.374Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-11-03 22:02:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nero:neronet:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.0.2","matchCriteriaId":"05901785-5CAF-4D3A-A4EA-D46196EB17DD"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"3484","Ordinal":"1","Title":"CVE-2005-3484","CVE":"CVE-2005-3484","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"3484","Ordinal":"1","NoteData":"Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via \"..\" and hex-encoded (1) slash \"/\" (\"%2f\") or (2) backslash \"\\\" (\"%5c\") sequences.","Type":"Description","Title":"CVE-2005-3484"},{"CveYear":"2005","CveId":"3484","Ordinal":"2","NoteData":"2005-11-03","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"3484","Ordinal":"3","NoteData":"2016-10-17","Type":"Other","Title":"Modified"}]}}}