CVE-1999-1069

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Nov 8, 1997
Updated: Nov 20, 2024

Summary

CVE-1999-1069 is a vulnerability affecting the iCat Carbo Server 3.0.0 and its carbo.dll component. Attackers can exploit this directory traversal flaw by manipulating the icatcommand parameter with a .. (dot dot) sequence. This vulnerability allows remote assailants to read arbitrary files on the targeted system, posing a significant risk to data confidentiality. System administrators should apply the available patch or upgrade to a secure version to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share