CVE-2013-0150: Path Traversal

First published: Fri Aug 09 2013(Updated: )

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.

Credit: cret@cert.org cret@cert.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• collector/nvd-api
• agent/references
• agent/weakness
• agent/severity
• agent/author
• agent/event
• agent/type
• agent/description
• agent/last-modified-date
• agent/softwarecombine
• agent/first-publish-date
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/f5
• canonical/f5 big-ip access policy manager
• version/f5 big-ip access policy manager/10.1.0
• version/f5 big-ip access policy manager/10.2.4
• version/f5 big-ip access policy manager/11.0.0
• version/f5 big-ip access policy manager/11.3.0
• canonical/f5 firepass
• version/f5 firepass/6.0
• version/f5 firepass/6.1.0
• version/f5 firepass/7.0.0
• canonical/f5 big-ip advanced firewall manager
• version/f5 big-ip advanced firewall manager/11.3.0
• canonical/f5 big-ip analytics
• version/f5 big-ip analytics/11.0.0
• version/f5 big-ip analytics/11.3.0
• canonical/f5 big-ip application security manager
• version/f5 big-ip application security manager/10.1.0
• version/f5 big-ip application security manager/10.2.4
• version/f5 big-ip application security manager/11.0.0
• version/f5 big-ip application security manager/11.3.0
• canonical/f5 big-ip edge gateway
• version/f5 big-ip edge gateway/10.1.0
• version/f5 big-ip edge gateway/10.2.4
• version/f5 big-ip edge gateway/11.0.0
• version/f5 big-ip edge gateway/11.3.0
• canonical/f5 big-ip global traffic manager
• version/f5 big-ip global traffic manager/10.1.0
• version/f5 big-ip global traffic manager/10.2.4
• version/f5 big-ip global traffic manager/11.0.0
• version/f5 big-ip global traffic manager/11.3.0
• canonical/f5 big-ip link controller
• version/f5 big-ip link controller/10.1.0
• version/f5 big-ip link controller/10.2.4
• version/f5 big-ip link controller/11.0.0
• version/f5 big-ip link controller/11.3.0
• canonical/f5 big-ip local traffic manager
• version/f5 big-ip local traffic manager/10.1.0
• version/f5 big-ip local traffic manager/10.2.4
• version/f5 big-ip local traffic manager/11.0.0
• version/f5 big-ip local traffic manager/11.3.0
• canonical/f5 big-ip policy enforcement manager
• version/f5 big-ip policy enforcement manager/11.3.0
• canonical/f5 big-ip protocol security module
• version/f5 big-ip protocol security module/10.1.0
• version/f5 big-ip protocol security module/10.2.4
• version/f5 big-ip protocol security module/11.0.0
• version/f5 big-ip protocol security module/11.3.0
• canonical/f5 big-ip wan optimization manager
• version/f5 big-ip wan optimization manager/10.1.0
• version/f5 big-ip wan optimization manager/10.2.4
• version/f5 big-ip wan optimization manager/11.0.0
• version/f5 big-ip wan optimization manager/11.3.0
• canonical/f5 big-ip webaccelerator
• version/f5 big-ip webaccelerator/10.1.0
• version/f5 big-ip webaccelerator/10.2.4
• version/f5 big-ip webaccelerator/11.0.0
• version/f5 big-ip webaccelerator/11.3.0
• version/f5 firepass/6.0.0