7 matches found
EUVD-2015-5088
Malware in sbrugna...
CVE-2015-5072
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
CVE-2015-5072
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
Code injection
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
CVE-2015-5072
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
CVE-2015-5072
The CVE-2015-5072 entry concerns BMC Remedy AR System Server’s BIRT Engine Mid Tier prior to 9.0 SP1, where the BIRT Engine servlet could be exploited by remote authenticated users to navigate to arbitrary local files via the __imageid parameter. The issue is caused by a file inclusion/control pa...
Correction: BMC-2015-0006: File inclusion vulnerability caused by misconfiguration of "BIRT Engine" servlet as used in BMC Remedy AR Reporting
Enigmail: ????? ????? ????????? ?? ???? ??????????? ??? ????????? Errata: This is a correction of our previous disclosure email from September 23rd, 2015. Our previous posting implied that the security vulnerability we discovered was in the "BIRT Engine" servlet itself. This is NOT the case, but...