Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-3697 |
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions. Published: January 24, 2020; 7:15:11 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2005-3349 |
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. Published: November 18, 2005; 5:03:00 PM -0500 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2005-3355 |
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". Published: November 18, 2005; 5:03:00 PM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2005-3424 |
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. Published: November 01, 2005; 5:02:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2005-3425 |
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. Published: November 01, 2005; 5:02:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2005-3123 |
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. Published: October 30, 2005; 3:02:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |