nvd-json-data-feeds/CVE-2003/CVE-2003-06xx/CVE-2003-0650.json

{
  "id": "CVE-2003-0650",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2003-08-27T04:00:00.000",
  "lastModified": "2016-10-18T02:36:20.433",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de cruce de directorios en GSAPARK.EXE de GameSpy Arcade, posiblemente versiones anteriores a 1.3e, permite a atacantes remotos sobreescribir ficheros arbitrarios y ejecutar c\u00f3digo arbitrario mediante secuencias .. (punto punto) en nombres de fichero dentro de un fichero .APK (archivo comprimido)"
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": true,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:gamespy:arcade:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "1.3e",
              "matchCriteriaId": "77A968C7-60B2-4E0E-BF99-7DF8817EA299"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0064.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://marc.info/?l=bugtraq&m=105958779017085&w=2",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.gamespyarcade.com/features/versions.shtml",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/8309",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}