Arbitrary Code Execution in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995

CVE-2013-5912

VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows remote attackers to execute arbitrary code via a URL in the fileName parameter during an importFile action.

Learn more about our Cis Benchmark Audit For Server Software.