Skip to main content

DEPRECATED: Pathname Traversal and Equivalence Errors

CVE-2014-2232

Severity Medium
Score 5/10

Summary

Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to read arbitrary files via unspecified vectors.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • NONE

CWE-21 - DEPRECATED: Pathname Traversal and Equivalence Errors

This category has been deprecated. It was originally used for organizing weaknesses involving file names, which enabled access to files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence). Consider using either the File Handling Issues category (CWE-1219) or the class Use of Incorrectly-Resolved Name or Reference (CWE-706).

References

Advisory Timeline

  • Published