PT-2016-4246 · Oracle · Oracle Application Testing Suite

Rgod

Publicado

2016-01-21

Atualizado

2016-12-22

CVE-2016-0486

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Application Testing Suite (affected versions not specified)

Description The issue is related to a Directory Traversal and Information Disclosure vulnerability in the DownloadServlet exportFileName Parameter of the Oracle Application Testing Suite. This allows for potential unauthorized access to sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2016-0486

ZDI-16-040

Produtos afetados

Oracle Application Testing Suite

PT-2016-4246 · Oracle · Oracle Application Testing Suite

CVE-2016-0486

Identificadores relacionados

Produtos afetados

Referências · 7