2 matches found
CVE-2015-5071
CVE-2015-5071 affects BMC Remedy AR System: AR System Mid Tier prior to 9.0 SP1 in AR Reporting can allow remote authenticated users to navigate to arbitrary files via the __report parameter of the BIRT Viewer servlet. The vulnerability has been confirmed in BMC Remedy AR 8.1 and 9.0 (per errata)...
Correction: BMC-2015-0005: File inclusion vulnerability caused by misconfiguration of "BIRT Viewer" servlet as used in BMC Remedy AR Reporting
Enigmail: ????? ????? ????????? ?? ???? ??????????? ??? ????????? Errata: This is a correction of our previous disclosure email from September 23rd, 2015. Our previous posting implied that the security vulnerability we discovered was in the "BIRT Viewer" servlet itself. This is NOT the case, but...