CVE-2007-4043

2007-07-27T22:30:00
ID CVE-2007-4043
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T04:00:00

Description

file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files.