login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.
Max CVSS
7.5
EPSS Score
0.67%
Published
2001-07-27
Updated
2017-12-19
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.
Max CVSS
5.0
EPSS Score
1.16%
Published
2001-12-06
Updated
2017-07-11
2 vulnerabilities found