Unspecified Directory Traversal Vulnerability in NetBeans Component of Oracle Fusion Middleware 8.1

CVE-2016-5537 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in a archive entry in a ZIP file imported as a project.

Learn more about our User Device Pen Test.