cvelistv5 - CVE-2013-5022

URL	Tags
cve@mitre.org	http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument
cve@mitre.org	http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument	Patch, Vendor Advisory
cve@mitre.org	http://digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument	Vendor Advisory

▼	Vendor	Product
	n/a	n/a

gsd-2013-5022

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.

Aliases

CVE-2013-5022

Aliases

CVE-2013-5022

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5022",
    "description": "Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.",
    "id": "GSD-2013-5022"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5022"
      ],
      "details": "Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.",
      "id": "GSD-2013-5022",
      "modified": "2023-12-13T01:22:21.792998Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-5022",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument",
            "refsource": "CONFIRM",
            "url": "http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument"
          },
          {
            "name": "http://digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument",
            "refsource": "CONFIRM",
            "url": "http://digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument"
          },
          {
            "name": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument",
            "refsource": "CONFIRM",
            "url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2012",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ni:labwindows:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2012",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2013",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ni:teststand:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2012",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-5022"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
            },
            {
              "name": "http://digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument"
            },
            {
              "name": "http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-09-18T03:30Z",
      "publishedDate": "2013-08-06T20:55Z"
    }
  }
}

ghsa-2mcw-74cw-v9cj

Vulnerability from github

Published

2022-05-17 05:04

Modified

2022-05-17 05:04

Details

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-5022"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-08-06T20:55:00Z",
    "severity": "HIGH"
  },
  "details": "Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.",
  "id": "GHSA-2mcw-74cw-v9cj",
  "modified": "2022-05-17T05:04:42Z",
  "published": "2022-05-17T05:04:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5022"
    },
    {
      "type": "WEB",
      "url": "http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument"
    },
    {
      "type": "WEB",
      "url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
    },
    {
      "type": "WEB",
      "url": "http://digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

var-201308-0294

Vulnerability from variot

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. Attackers can exploit this issue to create and execute arbitrary files in the context of the application (typically Internet Explorer) that is using the ActiveX control, which may aid in a remote code execution. The following products are affected: LabVIEW 2012 and prior LabWindows/CVI 2012 and prior Measurement Studio 2013 and prior TestStand 2012 and prior

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201308-0294",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "teststand",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ni",
        "version": "2012"
      },
      {
        "model": "measurementstudio",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ni",
        "version": "2013"
      },
      {
        "model": "labview",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ni",
        "version": "2012"
      },
      {
        "model": "labwindows",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ni",
        "version": "2012"
      },
      {
        "model": "labview",
        "scope": null,
        "trust": 0.8,
        "vendor": "national instruments",
        "version": null
      },
      {
        "model": "labwindows/cvi",
        "scope": null,
        "trust": 0.8,
        "vendor": "national instruments",
        "version": null
      },
      {
        "model": "teststand",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ni",
        "version": "2012"
      },
      {
        "model": "measurementstudio",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ni",
        "version": "2013"
      },
      {
        "model": "labwindows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ni",
        "version": "2012"
      },
      {
        "model": "labview",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ni",
        "version": "2012"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2012",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ni:labwindows:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2012",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2013",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ni:teststand:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2012",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Andrea Micalizzi aka rgod working with Hewlett Packard\u0027s Zero Day Initiative.",
    "sources": [
      {
        "db": "BID",
        "id": "61828"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-5022",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.4,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2013-5022",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-5022",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-5022",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201308-067",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. \nAttackers can exploit this issue to create and execute arbitrary files in the context of the application (typically Internet Explorer) that is using the ActiveX control, which may aid in a remote code execution. \nThe following products are affected:\nLabVIEW 2012 and prior\nLabWindows/CVI 2012 and prior\nMeasurement Studio 2013 and prior\nTestStand 2012 and prior",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "BID",
        "id": "61828"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-5022",
        "trust": 2.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "61828",
        "trust": 0.3
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "61828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "id": "VAR-201308-0294",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.18333334
  },
  "last_update_date": "2023-12-18T12:52:06.161000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "How Does NI Security Update 67L8L0QW for cw3dgrph.ocx Affect Me?",
        "trust": 0.8,
        "url": "http://digital.ni.com/public.nsf/websearch/c4619a438f7e78e486257b360050bd7d?opendocument"
      },
      {
        "title": "How Do The NI Q2 2013 Security Updates Affect Me?",
        "trust": 0.8,
        "url": "http://digital.ni.com/public.nsf/websearch/507dec9da57a708186257b3600512623?opendocument"
      },
      {
        "title": "NI Q2 2013\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306b\u3064\u3044\u3066",
        "trust": 0.8,
        "url": "http://digital.ni.com/public.nsf/websearchj/a13ef8e8ae2cfaa886257b750076ec0b?opendocument"
      },
      {
        "title": "cw3dgrph.ocx\u7528NI\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c867L8L0QW\u306b\u3064\u3044\u3066",
        "trust": 0.8,
        "url": "http://digital.ni.com/public.nsf/websearchj/73fc56053f95119a86257b6c0073cc03?opendocument"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://digital.ni.com/public.nsf/websearch/507dec9da57a708186257b3600512623?opendocument"
      },
      {
        "trust": 1.9,
        "url": "http://digital.ni.com/public.nsf/websearch/c4619a438f7e78e486257b360050bd7d?opendocument"
      },
      {
        "trust": 1.0,
        "url": "http://digital.ni.com/public.nsf/allkb/782e4f31442d833186257bd3004aeb47?opendocument"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5022"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5022"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/kb/240797"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "61828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "61828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-08-19T00:00:00",
        "db": "BID",
        "id": "61828"
      },
      {
        "date": "2013-08-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "date": "2013-08-06T20:55:05.413000",
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "date": "2013-08-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-03-19T08:44:00",
        "db": "BID",
        "id": "61828"
      },
      {
        "date": "2013-08-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      },
      {
        "date": "2013-09-18T03:30:09.033000",
        "db": "NVD",
        "id": "CVE-2013-5022"
      },
      {
        "date": "2013-08-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "National Instruments LabWindows/CVI and  LabVIEW Used in products such as  cw3dgrph.ocx Vulnerable to absolute path traversal",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003660"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-067"
      }
    ],
    "trust": 0.6
  }
}

Action not permitted

CVE-2013-5022

Vulnerability from cvelistv5

gsd-2013-5022

Vulnerability from gsd

ghsa-2mcw-74cw-v9cj

Vulnerability from github

var-201308-0294

Vulnerability from variot

Tags