2 matches found
CVE-2008-2512
CVE-2008-2512 is a directory-traversal vulnerability in Symantec Backup Exec System Recovery Manager (BESR) (7.x before 7.0.4 and 8.x before 8.0.2). A remote, unauthenticated attacker can exploit an inadequate sanitization in the Tomcat-based servlet (reportsfile) to read arbitrary files on the a...
Symantec Backup Exec System Recovery Manager Traversal Arbitrary File Access
The remote host appears to be running Symantec Backup Exec System Recovery Manager, a backup manager solution. The Tomcat servlet 'reportsfile' included in the version of Backup Exec System Recovery Manager installed on the remote host fails to properly sanitize user input to the 'filename'...