This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An unauthenticated attacker can upload a file outside the root of
the storage directory of McAfee ePO, in order for example to put a
Trojan Horse on the system.

Impacted products: ePO

Severity: 2/4

Creation date: 26/04/2013

DESCRIPTION OF THE VULNERABILITY

An unauthenticated attacker can upload a file outside the root of
the storage directory of McAfee ePO, in order for example to put a
Trojan Horse on the system.

Technical details are unknown.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/McAfee-ePO-directory-traversal-12722