#VU43218 Path traversal in MoinMoin - CVE-2012-6495 

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU43218

#VU43218 Path traversal in MoinMoin - CVE-2012-6495

Published: January 3, 2013 / Updated: August 11, 2020


Vulnerability identifier: #VU43218
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2012-6495
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
MoinMoin
Software vendor:
MoinMoin

Description

The vulnerability allows a remote #AU# to read and manipulate data.

Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.


Remediation

Install update from vendor's website.

External links