CVE-2012-4834

Published: Nov 30, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

51281

third-party-advisory

x_refsource_SECUNIA

http://www.ibm.com/support/docview.wss?uid=swg24033155

x_refsource_CONFIRM

websphere-portal-layloader-dir-traversal(78914)

vdb-entry

x_refsource_XF

http://www.ibm.com/connections/blogs/PSIRT/entry/security_vulnerability_in_theme_component_for_websphere_portal_versions_7_0_0_x_and_8_0_cve2012_48344

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg21617713

x_refsource_CONFIRM

PM76354

vendor-advisory

x_refsource_AIXAPAR

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-4834

Description

Affected Products

References