Novell Access Manager Administration Console 'getEntry()' Arbitrary File Upload Vulnerability

Novell Access Manager is prone to an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

Novell Access Manager 3.1 prior to 3.1 SP2 on Microsoft Windows is vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus