Oracle Application Testing Suite Directory Traversal Vulnerability

A Directory Traversal Vulnerability was identified in Oracle Enterprise Manager Application Testing Suite. The vulnerability can be exploited over the HTTP protocol. A remote, unauthenticated attacker can exploit this vulnerability to download arbitrary files from the target server.

This vulnerability affects the following supported versions:

- Oracle Application Testing Suite 12.4.0.2
- Oracle Application Testing Suite 12.5.0.2

The vulnerability has been patched by the vendor, please find the details here. (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html)

This vulnerability is referred by CVE as CVE-2016-0484.

It is time to patch you Security Device to prevent this.

Have a good time.
(Be knowledgeable, pass it on then)

Post a Comment