2 matches found
Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Directory Traversal (CVE-2017-3230)
A directory traversal vulnerability has been reported in Oracle Fusion Middleware MapViewer. The vulnerability is due to a lack of proper input sanitization on multipart form-data requests in FileUploaderServlet. A remote attacker can exploit this vulnerability by sending a maliciously crafted HT...
CVE-2017-3230
CVE-2017-3230 affects Oracle Fusion Middleware MapViewer (Map Builder) with MapViewer versions 11.1.1.9, 12.2.1.1, 12.2.1.2. Connected advisories describe concrete flaws in FileUploaderServlet: a directory traversal/ improper input validation on multipart form-data can be exploited by unauthentic...