Path Traversal in Symantec Brightmail_antispam

CVE-2006-4013

Multiple directory traversal vulnerabilities in Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allow remote attackers to read and overwrite certain files via directory tra…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.043 (89.9th percentile) — read the EPSS interpretation.

Affected products

Symantec Brightmail_antispam — versions 4.0, 5.5, 6.0
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cve@mitre.org (Patch, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)