CVE-2016-5312

Publication date

2017-04-14 18:00:00

Family

symantec

State

PUBLISHED

Description

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.