Description

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

Remediation

References

CVE-2017-1000029

Related Vulnerabilities

WordPress Plugin Post Grid Gutenberg Blocks and WordPress Blog-PostX Security Bypass (4.1.2)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4033)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9855)

WordPress Plugin Everest Review Lite-User/Admin review for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.7)

WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Cross-Site Scripting Vulnerabilities (2.1.27)

Severity

High

Classification

CVE-2017-1000029 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities