Vulnerabilities

CVE-2013-2186

by Fred · 28/10/2013

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.

Date published : 2013-10-28

http://www.securityfocus.com/bid/63174

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Similar

Tags: Cybersecurity Alert