CVE-2008-0457
CVE-2008-0457
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/5078unverifiedexploitdbwww.exploit-db.com/exploits/31072unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/28787http://seer.entsupport.symantec.com/docs/297171.htmhttps://www.exploit-db.com/exploits/5078http://www.securityfocus.com/archive/1/487688/100/0/threadedhttp://www.securityfocus.com/bid/27487http://www.securitytracker.com/id?1019303http://www.symantec.com/avcenter/security/Content/2008.02.04.htmlhttp://www.vupen.com/english/advisories/2008/0413http://www.zerodayinitiative.com/advisories/ZDI-08-003.html