PT-2012-2105 · Blue Coat · Blue Coat Reporter

Publicado

2012-08-26

Atualizado

2012-08-27

CVE-2011-5127

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Blue Coat Reporter versions 9.x before 9.2.4.13 Blue Coat Reporter versions 9.2.5.x before 9.2.5.1 Blue Coat Reporter versions 9.3 before 9.3.1.2

Description The issue allows remote attackers to read arbitrary files and consequently execute arbitrary code via an unspecified HTTP request. This is a directory traversal vulnerability.

Recommendations For Blue Coat Reporter versions 9.x before 9.2.4.13, update to version 9.2.4.13 or later. For Blue Coat Reporter versions 9.2.5.x before 9.2.5.1, update to version 9.2.5.1 or later. For Blue Coat Reporter versions 9.3 before 9.3.1.2, update to version 9.3.1.2 or later.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2011-5127

Produtos afetados

Blue Coat Reporter

PT-2012-2105 · Blue Coat · Blue Coat Reporter

CVE-2011-5127

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3