Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1047

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-1047
Last Modified 24 Feb 2012 11:21:24
Published 12 Feb 2012 05:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1047

Summary

Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action.

Vulnerable Systems

Application

  • Cyberoam Central Console 2.00.2


References

MISC - http://www.vulnerability-lab.com/get_content.php?id=405

BID - 51901

BUGTRAQ - 20120207 Cyberoam Central Console v2.00.2 - File Include Vulnerability

EXPLOIT-DB - 18473


Last Updated: 27 May 2016 10:58:15