CVE - CVE-2007-5364

CVE-ID
CVE-2007-5364	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
DISPUTED Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:25998 URL:http://www.securityfocus.com/bid/25998 BUGTRAQ:20071005 [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN URL:http://www.securityfocus.com/archive/1/481658/100/0/threaded BUGTRAQ:20071009 Viart Shopping Cart Directory Transversal URL:http://www.securityfocus.com/archive/1/481848 SREASON:3212 URL:http://securityreason.com/securityalert/3212
Assigning CNA
MITRE Corporation
Date Record Created
20071010	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071010)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)