CVE-1999-1250

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Aug 19, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-1250 is a vulnerability affecting the CGI program in the Lasso application by Blue World, which was used on WebSTAR and other servers. This issue enables remote attackers to read arbitrary files, posing a significant security risk if exploited. The vulnerability stems from a lack of input validation, allowing an attacker to manipulate file paths and access sensitive data. Exploitation requires no authentication, making this a critical threat for organizations using the affected software. Applying the latest patches or upgrading to a secure version of the Lasso application is recommended to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlUOF
https://www.cve.org/CVERecord?id=CVE-1999-1250
https://nvd.nist.gov/vuln/detail/CVE-1999-1250

Back to Vulnerability Database

CVE-1999-1250

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations