CVE-2016-5537

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware 8.1

Description The issue affects confidentiality, integrity, and availability. It is reportedly related to a directory traversal vulnerability, which may allow local users with certain permissions to write to arbitrary files and gain privileges by using a .. (dot dot) in a ZIP file imported as a project.

Recommendations For Oracle Fusion Middleware 8.1, consider restricting access to the NetBeans component until a fix is available. As a temporary workaround, avoid importing ZIP files as projects that may contain malicious archive entries.