CVE-2016-1242

NONE EPSS 76.1%
Published Sep 7, 20169y ago · Modified Jun 17, 20262w ago
Find Similar
Published Sep 7, 2016 9y ago
Last Modified Jun 17, 2026 2w ago

Description

file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.

Threat Intelligence

EPSS Exploit Probability
76.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 41

VendorProductVersionRange
trytontryton4.0.0any
trytontryton4.0.1any
trytontryton4.0.2any
trytontryton4.0.3any
trytontryton* ≤3.2.16
trytontryton3.8.0any
trytontryton3.8.1any
trytontryton3.8.2any
trytontryton3.8.3any
trytontryton3.8.4any
trytontryton3.8.5any
trytontryton3.8.6any
trytontryton3.8.7any
trytontryton3.4.0any
trytontryton3.4.1any
trytontryton3.4.2any
trytontryton3.4.3any
trytontryton3.4.4any
trytontryton3.4.5any
trytontryton3.4.6any
trytontryton3.4.7any
trytontryton3.4.8any
trytontryton3.4.9any
trytontryton3.4.10any
trytontryton3.4.11any
trytontryton3.4.12any
trytontryton3.4.13any
trytontryton3.8.4any
trytontryton3.2.0any
trytontryton3.6.0any
trytontryton3.6.1any
trytontryton3.6.2any
trytontryton3.6.3any
trytontryton3.6.4any
trytontryton3.6.5any
trytontryton3.6.6any
trytontryton3.6.7any
trytontryton3.6.8any
trytontryton3.6.9any
trytontryton3.6.10any
trytontryton3.6.11any

References 3

  • debian.org http://www.debian.org/security/2016/dsa-3656
    Third Party Advisory
  • tryton.org http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
    Vendor Advisory
  • bugs.tryton.org https://bugs.tryton.org/issue5808
    Issue Tracking

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.