Novell File Reporter : Security vulnerabilities, CVEs directory traversal published in 2012

Copy

CVE-2012-4959

Public exploit

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

Max CVSS

10.0

EPSS Score

79.77%

Published

2012-11-18

Updated

2012-11-19

CVE-2012-4958

Public exploit

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

Max CVSS

7.8

EPSS Score

95.27%

Published

2012-11-18

Updated

2012-11-19

CVE-2012-4957

Public exploit

Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.

Max CVSS

7.8

EPSS Score

95.81%

Published

2012-11-18

Updated

2012-11-19

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!