PT-2016-5275 · Ibm · Ibm Rational Publishing Engine

Publicado

2016-08-08

Atualizado

2025-03-25

CVE-2016-2914

CVSS v2.0

5.5

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Rational Publishing Engine version 2.0.1 before ifix002

Description The issue concerns an unrestricted file upload vulnerability in the Document Builder component. This allows remote authenticated users to execute arbitrary code by specifying an unexpected file extension.

Recommendations For IBM Rational Publishing Engine version 2.0.1 before ifix002, apply ifix002 to resolve the issue.

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2016-2914

Produtos afetados

Ibm Rational Publishing Engine

PT-2016-5275 · Ibm · Ibm Rational Publishing Engine

CVE-2016-2914

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5