Medium severity6.5NVD Advisory· Published Apr 14, 2017· Updated Jun 17, 2026
CVE-2016-5312
CVE-2016-5312
Description
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*range: <=10.6.1
- (no CPE)range: <10.6.2
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/138891/Symantec-Messaging-Gateway-10.6.1-Directory-Traversal.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2016/Sep/71nvdExploitMailing ListThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/40437/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/93148nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1036908nvdThird Party AdvisoryVDB Entry
- www.symantec.com/security_response/securityupdates/detail.jspnvdVendor Advisory
News mentions
0No linked articles in our index yet.