VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 30, 2012· Updated Apr 29, 2026

CVE-2012-4834

CVE-2012-4834

Description

Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.

Affected products

39
  • IBM/Websphere Portal39 versions
    cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*+ 38 more
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf002:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf003:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf004:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf005:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf006:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf007:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf008:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf009:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf010:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf011:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf012:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf013:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf014:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf015:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf016:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf017:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf018:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf002:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf003:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf004:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf005:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf006:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf007:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf008:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf009:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf010:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf011:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf012:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf013:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf014:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf015:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf016:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf017:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf018:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.