Vulnerabilities > CVE-2009-4592 - Remote Security vulnerability in Base

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

secureideas

NVD

Published: 2010-01-07

Updated: 2017-08-17

Summary

Unspecified vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to include arbitrary local files via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Secureideas Secureideas Base 0.9.8 Secureideas Base 0.9.9 Secureideas Base 1.0 Secureideas Base 1.2.4 Secureideas Base 1.2.5 Secureideas Base 1.2.6 Secureideas Base 1.2.7 Secureideas Base 1.3.5 Secureideas Base 1.3.6 Secureideas Base 1.3.8 Secureideas Base 1.3.9 Secureideas Base 1.4.0 Secureideas Base 1.4.1 Secureideas Base *	14

References

http://base.secureideas.net/news.php
http://secunia.com/advisories/37147
http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?revision=1.359&view=markup
http://www.vupen.com/english/advisories/2009/3054
https://exchange.xforce.ibmcloud.com/vulnerabilities/53969