|
Description
|
|
A vulnerability has been reported in Axway SecureTransport, which can be exploited by malicious people to disclose sensitive information.
Certain input related to the /icons/ directory is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
Successful exploitation requires that SecureTransport runs on a Windows platform.
The vulnerability is reported in versions 4.8.1 and 4.8.2. Other versions may also be affected.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable Software:
Axway SecureTransport 4.x
|
|
|
|
|
|
Solution
|
|
Update to version 4.8.2 Patch 12.
|
|
|
|
|
|
CVE
|
|
|
|
|
|
|
|
References
|
|
http://archives.neohapsis.com/archives/bugtraq/2011-08/0201.html
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
