• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PeopleSoft PeopleTools SchedulerTransfer Remote Command Execution Vulnerability

A remote command execution vulnerability exists in the PeopleSoft PeopleTools "SchedulerTransfer" servlet. This issue occurs because the servlet does not sufficiently validate externally supplied data. Exploitation may allow malicious files to be written to the system hosting the software and executed with the privileges of the web server.