Test ID:	1.3.6.1.4.1.25623.1.0.809473
Category:	General
Title:	Oracle NetBeans IDE Import Directory Traversal Vulnerability - Windows
Summary:	Oracle NetBeans IDE is prone to a directory traversal vulnerability.
Description:	Summary: Oracle NetBeans IDE is prone to a directory traversal vulnerability. Vulnerability Insight: The flaw exists due to an improper validation of '../' characters in an archive entry of a ZIP file imported as a project. Vulnerability Impact: Successful exploitation will allow local users with certain permissions to perform unauthorized update, insert or delete access to some of NetBeans accessible data as well as unauthorized read access to a subset of NetBeans accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of NetBeans. Affected Software/OS: Oracle NetBeans IDE version 8.1 on Windows Solution: Apply the patch from the referenced advisory. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5537 BugTraq ID: 93686 http://www.securityfocus.com/bid/93686 Bugtraq: 20161021 Oracle Netbeans IDE v8.1 Import Directory Traversal (Google Search) http://www.securityfocus.com/archive/1/539615/100/0/threaded https://www.exploit-db.com/exploits/40588/ http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt http://packetstormsecurity.com/files/139259/Oracle-Netbeans-IDE-8.1-Directory-Traversal.html http://www.securitytracker.com/id/1037051
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.