|
Description
|
|
(:A directory traversal vulnerability was reported in Liferay.:A remote attacker could exploit it by using specially crafted URLs in order to read arbitrary files of the system with application's privileges.::This vulnerability is located in the "minifierBundleDir" parameter of the "barebone.jsp" web page.::A proof of concept is available.)
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable Software:
Liferay (Liferay) - 5.1.0
|
|
|
|
|
|
Solution
|
|
No solution for the moment.
|
|
|
|
|
|
CVE
|
|
CVE-2016-6517
|
|
|
|
|
|
References
|
|
- oss-sec : CVE:Request - Path Traversal Barebone.jsp - Liferay 5.1.0
http://seclists.org/oss-sec/2016/q3/218
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
