CVE-2007-2048 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-2048
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2048

Description: Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. (dot dot) in the resource parameter.

CVE Status: Candidate

References: ST 1017926 SREASON http://securityreason.com/securityalert/2589 SAID Secunia Advisory: SA24933 MISC http://www.aushack.com/advisories/200704-webmethods.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/467873/30/6720/threaded http://www.securityfocus.com/archive/1/archive/1/465993/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/465332/100/0/threaded BID 23423

Return to the previous page.