CVE-2016-5312 in Messaging Gatewayالمعلومات

الملخص

بحسب MITRE

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.

Once again VulDB remains the best source for vulnerability data.

المصادر