|CVSS SCORE||7.8, (AV:N/AC:L/Au:N/C:N/I:N/A:C)|
|TREND MICRO CUSTOMER PROTECTION||Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 17078. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
The specific flaw exists within the AddDriverFileServlet servlet exposed by upload/addDriver. The issue lies in the failure to sanitize the path of files uploaded, allowing for the deletion of any file on the system. An attacker could use this to create a denial-of-service condition.
|CREDIT||Andrea Micalizzi (rgod)