CVE-2011-4880
published 2012-04-13CVE-2011-4880: Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a…
PriorityP339medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
5.53%
91.8th percentile
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atvise | webmi2ads | <= 2.0.1 | — |
| atvise | webmi2ads | — | — |
| atvise | webmi2ads | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7qm4-x2fh-jx7w: Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2
ghsa_unreviewed·2022-05-17
CVE-2011-4880 [MEDIUM] CWE-22 GHSA-7qm4-x2fh-jx7w: Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.
CISA ICS
Certec atvise webMI2ADS Vulnerabilities
cisa_ics·2018-08-23
Certec atvise webMI2ADS Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Certec atvise webMI2ADS Vulnerabilities
Last RevisedAugust 23, 2018
Alert CodeICSA-12-102-01
## Overview
This advisory is a follow-up to the ICS-CERT alert titled ICS-ALERT-11-283-02 – Certec atvise webMI Vulnerabilities, released to the ICS-CERT web page on October 10, 2011.
Independent researcher Luigi Auriemma has identified vulnerabilities in Certec’s webMI2ADS application. These vulnerabilities and proof of concept code were disclosed without coordination with ICS-CERT, the vendor, or any other coordinating entity. Certec has produced an update that resolves these vulnerab
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2451 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2455 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2456 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2459 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2445 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2453 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2460 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2457 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2454 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2452 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
Red Hat
flash-plugin: mulitple code execution flaws (APSB11-28)
vendor_redhat·2011-11-10·CVSS 10.0
CVE-2011-2450 [CRITICAL] flash-plugin: mulitple code execution flaws (APSB11-28)
flash-plugin: mulitple code execution flaws (APSB11-28)
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
No detection rules found.
No writeups or analysis indexed.
2012-04-13
Published