Novell Access Manager Administration Console 'getEntry()' Arbitrary File Upload Vulnerability

Bugtraq ID: 40931
Class: Input Validation Error
CVE: CVE-2010-0284
Remote: Yes
Local: No
Published: Jun 17 2010 12:00AM
Updated: Jun 21 2010 06:48PM
Credit: Stephen Fewer of Harmony Security working with TippingPoint's Zero Day Initiative
Vulnerable: Novell Access Manager 3.1 SP1
Novell Access Manager 3.1
Not Vulnerable: Novell Access Manager 3.1 SP2


 

Privacy Statement
Copyright 2010, SecurityFocus