CVE-2005-2007
EPSS 1.3%
Description
Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts.
How to fix CVE-2005-2007
To remediate CVE-2005-2007, upgrade the affected package to a fixed version below.
- Debian/trac—upgrade to 0.8.4-1 or later
Is CVE-2005-2007 being exploited?
Low — EPSS is 1.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.8.4-1