OWASP Dependency-Check CVE-2018-12036 Arbitrary File Overwrite Vulnerability
BID:107079
Info
OWASP Dependency-Check CVE-2018-12036 Arbitrary File Overwrite Vulnerability
| Bugtraq ID: | 107079 |
| Class: | Design Error |
| CVE: |
CVE-2018-12036 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 21 2018 12:00AM |
| Updated: | Jun 21 2018 12:00AM |
| Credit: | snyk |
| Vulnerable: |
OWASP Dependency-Check 3.1.2 OWASP Dependency-Check 3.1.1 OWASP Dependency-Check 3.1 OWASP Dependency-Check 3.0.2 OWASP Dependency-Check 3.0.1 OWASP Dependency-Check 3.0 |
| Not Vulnerable: |
OWASP Dependency-Check 3.2 |
Discussion
OWASP Dependency-Check CVE-2018-12036 Arbitrary File Overwrite Vulnerability
OWASP Dependency-Check is prone to an arbitrary file-overwrite vulnerability.
Successful exploits may allow an attacker to overwrite arbitrary files and execute the code in the context of the user running the affected application.
OWASP Dependency-Check prior to version 3.2.0 are vulnerable.
OWASP Dependency-Check is prone to an arbitrary file-overwrite vulnerability.
Successful exploits may allow an attacker to overwrite arbitrary files and execute the code in the context of the user running the affected application.
OWASP Dependency-Check prior to version 3.2.0 are vulnerable.
Exploit / POC
OWASP Dependency-Check CVE-2018-12036 Arbitrary File Overwrite Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
OWASP Dependency-Check CVE-2018-12036 Arbitrary File Overwrite Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
OWASP Dependency-Check CVE-2018-12036 Arbitrary File Overwrite Vulnerability
References:
References: