Multiple PacketVideo Products Directory Traversal Vulnerability
BID:53265
Info
Multiple PacketVideo Products Directory Traversal Vulnerability
| Bugtraq ID: | 53265 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 26 2012 12:00AM |
| Updated: | Apr 26 2012 12:00AM |
| Credit: | r@b13$ |
| Vulnerable: |
Packetvideo TwonkyServer 0 Packetvideo Twonkymedia 0 Packetvideo TwonkyManager 3.0 Packetvideo Twonky 7.0 |
| Not Vulnerable: | |
Discussion
Multiple PacketVideo Products Directory Traversal Vulnerability
Multiple PacketVideo Products are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue will allow an attacker to view arbitrary files within the context of the web server. Information harvested may aid in launching further attacks.
Multiple PacketVideo Products are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue will allow an attacker to view arbitrary files within the context of the web server. Information harvested may aid in launching further attacks.
Exploit / POC
Multiple PacketVideo Products Directory Traversal Vulnerability
An attacker can exploit this issue with a web browser.
An attacker can exploit this issue with a web browser.
Solution / Fix
Multiple PacketVideo Products Directory Traversal Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Multiple PacketVideo Products Directory Traversal Vulnerability
References:
References:
- Twonky Homepage (PacketVideo Corporation)
- DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal ([email protected])