CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-8555

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile43.10th
Published2014年11月12日
Last Modified2026年5月6日

Vulnerability Description

Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter.

Affected Platforms (CPE)

📦
Progress

Openedge

= 11.2

References & Advisories

🔗 http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html
🔗 http://www.exploit-db.com/exploits/35127
🔗 http://www.exploit-db.com/exploits/35207
🔗 https://www.xlabs.com.br/blog/?p=256
🔗 http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html
🔗 http://www.exploit-db.com/exploits/35127
🔗 http://www.exploit-db.com/exploits/35207
🔗 https://www.xlabs.com.br/blog/?p=256

関連する脆弱性情報

CVE-2007-241710.0

Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authenticatio...

CVE-2015-92459.8

Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arb...

CVE-2007-25067.8

WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause...

CVE-2007-34917.5

Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to hav...