Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in a archive entry in a ZIP file imported as a project.
{ "binaries": [ { "binary_name": "libnb-absolutelayout-java", "binary_version": "10.0-3~18.04.1ubuntu1" }, { "binary_name": "libnb-apisupport3-java", "binary_version": "10.0-3~18.04.1ubuntu1" }, { "binary_name": "libnb-ide14-java", "binary_version": "10.0-3~18.04.1ubuntu1" }, { "binary_name": "libnb-java5-java", "binary_version": "10.0-3~18.04.1ubuntu1" }, { "binary_name": "netbeans", "binary_version": "10.0-3~18.04.1ubuntu1" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }