Directory Traversal Vulnerability in Symantec Messaging Gateway Charting Component

Directory Traversal Vulnerability in Symantec Messaging Gateway Charting Component

CVE-2016-5312 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.

Learn more about our User Device Pen Test.