Syntax Desktop Directory Traversal Vulnerability Network Vulnerability

Summary

This host is running Syntax Desktop and is prone to Directory Traversal Vulnerability.

Impact

Successful exploitation will let the attacker gain sensitive information about the remote system directories where syntax desktop runs. Impact level: Application/System

Solution

No Solution or patch is available as of 17th February 2009. For updates refer to http://www.syntaxdesktop.com

Insight

This flaw is due to error in file 'preview.php' in 'synTarget' parameter which lets the attacker to gain information through directoy traversal queries.

Affected

Syntax Desktop 2.7 and prior

Severity

Classification

CVE CVE-2009-0448

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
AWCM CMS Multiple Remote File Include Vulnerabilities
AjaXplorer zoho plugin Directory Traversal Vulnerability
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
AWStats configdir parameter arbitrary cmd exec

Take action and discover your vulnerabilities