Nttdata Terasoluna Server Framework For Java Web Bypass A Restriction Vulnerability
4 Aug. 2016
Summary
Nttdata Terasoluna Server Framework For Java Web is prone to a bypass vulnerability. This allow an attacker to bypass detection or blocking system, which could allow malware to pass through the system undetected
Vulneable Systems:
* Nttdata Terasoluna Server Framework For Java Web 2.0.0.1
* Nttdata Terasoluna Server Framework For Java Web 2.0.0.2
* Nttdata Terasoluna Server Framework For Java Web 2.0.1.0
* Nttdata Terasoluna Server Framework For Java Web 2.0.2.0
* Nttdata Terasoluna Server Framework For Java Web 2.0.5.1
* Nttdata Terasoluna Server Framework For Java Web 2.0.5.2
* Nttdata Terasoluna Server Framework For Java Web 2.0.5.3
* Nttdata Terasoluna Server Framework For Java Web 2.0.6.1
NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through 2.0.6.1, as used in Fujitsu Interstage Business Application Server and other products, allows remote attackers to bypass a file-extension protection mechanism, and consequently read arbitrary files, via a crafted pathname.