Vulnerability in N/a
CVE-2008-1117
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, allows remote attackers to upload files to arbitrary locations via…
EPSS: 0.789 (99.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- 20080310 Vulnerabilities in Timbuktu Pro 8.6.5 (mailing-list, x_refsource_BUGTRAQ)
- 4455 (exploit, x_refsource_EXPLOIT-DB)
- 29316 (x_refsource_SECUNIA, third-party-advisory)
- 3741 (x_refsource_SREASON, third-party-advisory)
- www.coresecurity.com/ (x_refsource_MISC)
- 20080311 Re: [Full-disclosure] Vulnerabilities in Timbuktu Pro 8.6.5 (mailing-list, x_refsource_BUGTRAQ)
- aluigi.org/poc/timbuto.zip (x_refsource_MISC)
- 28081 (vdb-entry, x_refsource_BID)
- aluigi.altervista.org/adv/timbuto-adv.txt (x_refsource_MISC)
- 20080311 CORE-2008-0204: Timbuktu Pro Remote Path Traversal and Log Injection (mailing-list, x_refsource_BUGTRAQ)
Frequently asked questions
- What is CVE-2008-1117?
- CVE-2008-1117 is a vulnerability in N/a. Published 2008-03-14.
- Is CVE-2008-1117 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.