PT-2016-4246 · Oracle · Oracle Application Testing Suite

Rgod

Published

2016-01-21

Updated

2016-12-22

CVE-2016-0486

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Application Testing Suite (affected versions not specified)

Description The issue is related to a Directory Traversal and Information Disclosure vulnerability in the DownloadServlet exportFileName Parameter of the Oracle Application Testing Suite. This allows for potential unauthorized access to sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2016-0486

ZDI-16-040

Affected Products

Oracle Application Testing Suite

PT-2016-4246 · Oracle · Oracle Application Testing Suite

CVE-2016-0486

Related Identifiers

Affected Products

References · 7