CVE-2014-3460 Information

Description

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files and consequently execute arbitrary code via a crafted pathname.

Reference

http://secunia.com/advisories/58635 http://www.novell.com/support/kb/doc.php?id=7015183 http://www.securityfocus.com/bid/67487 http://www.securitytracker.com/id/1030434 http://zerodayinitiative.com/advisories/ZDI-14-134/