Lucene search
Mike Arnold (Bruk0ut)ZDI-16-531HistoryOct 11, 2016 - 12:00 a.m.
VMware Horizon View loggerBean Directory Traversal Information Disclosure Vulnerability
2016-10-1100:00:00
Mike Arnold (Bruk0ut)
www.zerodayinitiative.com
57
0.107 Low
EPSS
Percentile
95.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware Horizon View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the loggerBean service. The loadConfig method does not properly sanitize the path supplied. An attacker can leverage this vulnerability to disclose arbitrary files from the system.
Related
vmware
vmware
VMware Horizon View updates address directory traversal vulnerability
2016-10-06 00:00:00
cve
cve
CVE-2016-7087
2016-12-29 09:59:00
cvelist
cvelist
CVE-2016-7087
2016-12-29 09:02:00
nvd
nvd
CVE-2016-7087
2016-12-29 09:59:00
prion
prion
Directory traversal
2016-12-29 09:59:00
nessus
nessus
VMware Horizon View Directory Traversal File Disclosure (VMSA-2016-0015)
2016-10-13 00:00:00