CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-9375

Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.8%

CVSS Severity

CVSS v2 Score 9.0

References

http://support.lexmark.com/index?page=content&id=TE677
http://www.zerodayinitiative.com/advisories/ZDI-15-046/
http://support.lexmark.com/index?page=content&id=TE677
http://www.zerodayinitiative.com/advisories/ZDI-15-046/

Products affected by CVE-2014-9375

Lexmark » Markvision Enterprise » Version: N/A

cpe:2.3:a:lexmark:markvision_enterprise:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9375

Products

Pricing

Contact Us