CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-4220

HIGH
7.8
CVSS Severity Score
EPSS Score0.1990%
EPSS Percentile24.56th
Published2007年8月29日
Last Modified2026年4月23日

Vulnerability Description

Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.

Affected Platforms (CPE)

📦
Motorola

Timbuktu

= 8.6.3.1367

References & Advisories

🔗 ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=589
🔗 http://secunia.com/advisories/26588
🔗 http://www.securityfocus.com/bid/25453
🔗 http://www.securitytracker.com/id?1018614
🔗 http://www.vupen.com/english/advisories/2007/2990
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/36273
🔗 ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf

相關漏洞威脅

CVE-2008-111710.0

Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu Pro 8.6.5 f...

CVE-2007-422110.0

Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (d...

CVE-2009-13949.3

Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending...

CVE-2008-11187.5

Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields...