CVE

Id
92131  
CVE No.
CVE-2016-5312  
Status
Candidate  
Description
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.  
Phase
Assigned (20160606)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
789356 92131 CVE-2016-5312 EXPLOIT-DB:40437  View
789357 92131 CVE-2016-5312 URL:https://www.exploit-db.com/exploits/40437/  View
789358 92131 CVE-2016-5312 FULLDISC:20160928 Symantec Messaging Gateway <= 10.6.1 Directory Traversal  View
789359 92131 CVE-2016-5312 URL:http://seclists.org/fulldisclosure/2016/Sep/71  View
789360 92131 CVE-2016-5312 MISC:http://packetstormsecurity.com/files/138891/Symantec-Messaging-Gateway-10.6.1-Directory-Traversal.html  View
789361 92131 CVE-2016-5312 CONFIRM:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160927_00  View
789362 92131 CVE-2016-5312 BID:93148  View
789363 92131 CVE-2016-5312 URL:http://www.securityfocus.com/bid/93148  View
789364 92131 CVE-2016-5312 SECTRACK:1036908  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
4681 JVNDB-2016-005454 Oracle MySQL の MySQL Server における Server: Packaging に関する脆弱性 Oracle MySQL の MySQL Server には、Server: Packaging に関する処理に不備があるため、機密性、完全性、および可用性に影響のある脆弱性が存在します。 CVE-2016-5625 92131 4.4 7 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005454.html  View