NVD

Id
20778  
Name
CVE-2016-5537  
Description
Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in a archive entry in a ZIP file imported as a project.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-10-25  
Modified Date
2016-11-09  
Seq
2016-5537  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
113515 20778 CVE-2016-5537 http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt  View
113516 20778 CVE-2016-5537 http://packetstormsecurity.com/files/139259/Oracle-Netbeans-IDE-8.1-Directory-Traversal.html  View
113517 20778 CVE-2016-5537 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html  View
113518 20778 CVE-2016-5537 20161021 Oracle Netbeans IDE v8.1 Import Directory Traversal  View
113519 20778 CVE-2016-5537 93686  View
113520 20778 CVE-2016-5537 40588  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
4812 JVNDB-2016-005585 Oracle Fusion Middleware の NetBeans における Project Import に関する脆弱性 Oracle Fusion Middleware の NetBeans には、Project Import に関する処理に不備があるため、機密性、完全性、および可用性に影響のある脆弱性が存在します。 CVE-2016-5537 92043 CVE-2016-5537 20778 4.6 5.7 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005585.html 2016-10-18 2016-10-28 View