CVE-2014-9375CVE-2014-9375

Affected configuration(s):

cpe:/a:lexmark:markvision_enterprise:-

Date published: 2015-02-16T10:59:00.057-05:00

Date last modified: 2015-02-17T15:16:18.947-05:00

CVSS Score: 9.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://support.lexmark.com/index?page=content&id=TE677

Summary: Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.