PT-2015-6027 · Yodobashi · Yodobashi
Kusano Kazuhiko
·
Publicado
2015-08-08
·
Atualizado
2015-08-10
·
CVE-2015-2980
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Yodobashi application versions 1.2.1.0 and earlier
Description
The issue allows remote attackers to execute arbitrary Java methods via a crafted HTML document, potentially obtaining sensitive information or executing OS commands.
Recommendations
For Yodobashi application versions 1.2.1.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.
Correção
OS Command Injection
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Yodobashi