5 matches found
VulnCheck KEV: CVE-2016-3976
SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files...
CVE-2016-3976
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971...
CVE-2016-3976
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971...
CVE-2016-3976
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971...
CVE-2016-3976
CVE-2016-3976 affects SAP NetWeaver AS Java versions 7.1–7.5. The vulnerability is a directory traversal in the AS Java Monitoring/CrashFileDownloadServlet component, exploitable remotely via a ..\ in the fileName parameter to read arbitrary files on the server. Public references point to SAP Sec...