PT-2012-3041 · Mathopd · Mathopd

Mateusz Goik

Published

2012-02-13

Updated

2023-02-08

CVE-2012-1050

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mathopd versions 1.4.x through 1.5.x before 1.5p7

Description A directory traversal issue exists when Mathopd is configured with the * construct for mass virtual hosting, allowing remote attackers to read arbitrary files by sending a crafted Host header.

Recommendations For versions 1.4.x through 1.5.x before 1.5p7, update to version 1.5p7 or later to resolve the issue.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

ALT-PU-2023-1197

CVE-2012-1050

Affected Products

Mathopd

PT-2012-3041 · Mathopd · Mathopd

CVE-2012-1050

Weakness Enumeration

Related Identifiers

Affected Products

References · 12