CVE-2010-2502 Information

Description

Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files aka SPL-31194; (2) remote authenticated users to modify arbitrary files aka SPL-31063; or (3) have an unknown impact via redirects aka SPL-31067.

Reference

http://www.splunk.com/view/SP-CAAAFGD