CVE-2012-1196

2012-02-18T00:55:00
ID CVE-2012-1196
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:31:00

Description

Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request.