CVE-2015-0785

CVE-2015-0785

EPSS 6.5%

com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.novell.com/support/kb/doc.php?id=7016431 http://www.securityfocus.com/bid/74288 http://www.zerodayinitiative.com/advisories/ZDI-15-152