Unrated severityNVD Advisory· Published Oct 30, 2005· Updated Apr 16, 2026
CVE-2005-3123
CVE-2005-3123
Description
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
Affected products
6cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnump3d:2.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnump3d:2.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnump3d:2.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnump3d:2.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnump3d:2.9.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- lists.gnu.org/archive/html/gnump3d-users/2005-10/msg00013.htmlnvdPatch
- www.debian.org/security/2005/dsa-877nvdPatchVendor Advisory
- www.securityfocus.com/bid/15228nvdPatch
- secunia.com/advisories/17351nvdExploitPatchVendor Advisory
- secunia.com/advisories/17559nvdVendor Advisory
- securityreason.com/securityalert/127nvd
- securitytracker.com/idnvd
- www.novell.com/linux/security/advisories/2005_27_sr.htmlnvd
- www.novell.com/linux/security/advisories/2005_28_sr.htmlnvd
- www.osvdb.org/20360nvd
- www.vupen.com/english/advisories/2005/2242nvd
News mentions
0No linked articles in our index yet.