CVE-2012-5641
published 2014-03-18CVE-2012-5641: Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x…
medium5CVSS 3.1
AVNACLAuNCPINAN
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | couchdb | <= 1.0.3 | — |
| apache | couchdb | — | — |
| apache | couchdb | — | — |
| apache | couchdb | — | — |
| apache | couchdb | — | — |
| apache | couchdb | — | — |
| apache | couchdb | — | — |
| mochiweb_project | mochiweb | <= 2.3.2 | — |
| mochiweb_project | mochiweb | — | — |
| mochiweb_project | mochiweb | — | — |
| mochiweb_project | mochiweb | — | — |
| mochiweb_project | mochiweb | — | — |
| mochiweb_project | mochiweb | — | — |