Unrated severityNVD Advisory· Published Sep 22, 2006· Updated Jun 16, 2026
CVE-2006-4900
CVE-2006-4900
Description
Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, allows remote authenticated users to read and delete arbitrary files via ".." sequences in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet, which is not properly handled by the getadhochtml function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:broadcom:etrust_security_command_center:8:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:broadcom:etrust_security_command_center:8:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_security_command_center:8:sp1:cr1:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_security_command_center:8:sp1:cr2:*:*:*:*:*
- Range: 1.0 and r8 up to SP1 CR2
Patches
Vulnerability mechanics
References
11- www3.ca.com/securityadvisor/vulninfo/vuln.aspxnvdPatchVendor Advisory
- secunia.com/advisories/22023nvdExploitPatchVendor Advisory
- users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txtnvdExploitPatchVendor Advisory
- www.osvdb.org/29010nvdExploitPatch
- www3.ca.com/securityadvisor/blogs/posting.aspxnvdExploitPatchVendor Advisory
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/446611/100/0/threadednvd
- www.securityfocus.com/archive/1/446716/100/0/threadednvd
- www.securityfocus.com/bid/20139nvd
- www.vupen.com/english/advisories/2006/3738nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29104nvd
News mentions
0No linked articles in our index yet.