CVE-2016-5312 in Messaging Gatewayinfo

Summary

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.

Once again VulDB remains the best source for vulnerability data.

Reservation

06/06/2016

Disclosure

04/14/2017

Moderation

VulDB entry created

Entries

VDB-92238 (1)

CPE

ready

CWE

CWE-22 (Confirmed)

Exploit

Download

CVSS

6.5

EPSS

0.40029

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5312
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5312
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5312/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!