ISS X-Force Database: badblue-msoffice-script-directory-traversal(7946): BadBlue Microsoft Office file viewing script "dot dot" directory traversal

BadBlue Microsoft Office file viewing script "dot dot" directory traversal

badblue-msoffice-script-directory-traversal (7946)

Medium Risk

Description:

BadBlue could allow a remote attacker to traverse directories on the Web server. A remote attacker could send a specially-crafted URL request containing "dot dot " sequences (/../) as a parameter to the script used to view Microsoft Office documents to traverse directories and view arbitrary files on the system that can be opened by Microsoft Word, Access, or Excel.

Note: This vulnerability also affects Deerfield.com's D2Gfx client version 1.0.2.

Platforms Affected:

Deerfield.com, D2Gfx 1.0.2
Working Resources, BadBlue Enterprise Edition 1.5.x
Working Resources, BadBlue Personal Edition 1.5.6 beta

Remedy:

No remedy available as of June 27, 2009.

Consequences:

Obtain Information

References:

BadBlue Web site, Download BadBlue Personal Edition (PE) at http://www.badblue.com/down.htm.
Deefield Web site, D2Gfx 1.0.2 at http://www.deerfield.com/products/d2gfx/.
Strumpf Noir Society Advisory - January 17, 2002, BadBlue Scripting Directory Traversal Vulnerability at http://labs.secureance.com/adv/sns2k2-badblue2-adv.txt.
Strumpf Noir Society Summary - January 17, 2002, Strumpf Noir Society on BadBlue at http://www.jianteq.net/sns/adv/sns2k2-badblue-sum.txt.
BID-3913: Working Resources BadBlue Directory Traversal Vulnerability
CVE-2002-1684: Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.

Reported:

Jan 17, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page