Back to search
CVE-2002-1837
Published: Jun 28, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ids-dir-existence(9201)
vdb-entry
x_refsource_XF
20020528 Information Disclosure Vulnerability in IDS 0.8x
mailing-list
x_refsource_BUGTRAQ
4870
vdb-entry
x_refsource_BID
http://ids.sourceforge.net/ChangeLog.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now