CVE-2001-0924 | Vulnerability Database | Aqua Security

Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter.

Affected Software

Name	Vendor	Start Version	End Version
Informix_web_datablade	Ibm	3.3 (including)	3.3 (including)
Informix_web_datablade	Ibm	3.4 (including)	3.4 (including)
Informix_web_datablade	Ibm	3.5 (including)	3.5 (including)
Informix_web_datablade	Ibm	3.6 (including)	3.6 (including)
Informix_web_datablade	Ibm	3.7 (including)	3.7 (including)
Informix_web_datablade	Ibm	4.10 (including)	4.10 (including)
Informix_web_datablade	Ibm	4.11 (including)	4.11 (including)
Informix_web_datablade	Ibm	4.12 (including)	4.12 (including)

References

http://marc.info/?l=bugtraq\u0026m=100654890029878\u0026w=2
http://marc.info/?l=bugtraq\u0026m=100688672019635\u0026w=2
http://www.securityfocus.com/bid/3575
https://exchange.xforce.ibmcloud.com/vulnerabilities/7585
http://marc.info/?l=bugtraq\u0026m=100654890029878\u0026w=2
http://marc.info/?l=bugtraq\u0026m=100688672019635\u0026w=2
http://www.securityfocus.com/bid/3575
https://exchange.xforce.ibmcloud.com/vulnerabilities/7585

NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-0924
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html