CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6
---
Summary
===
Name: Remote Code Execution as Root via ESET Endpoint Antivirus 6
CVE: CVE-2016-9892
Discoverers: Jason Geffner and Jan Bee
=
MGC ALERT 2017-002
- Original release date: February 21, 2017
- Last revised: February 28, 2017
- Discovered by: Manuel García Cárdenas
- Severity: 7,1/10 (CVSS Base Score)
=
I. VULNERABILITY
Hi list,
We have found a Cross-site scripting vulnerability in SAP BusinessObjects
Financial Consolidation.
[Description]
Cross-site scripting (XSS) vulnerability in the help component of SAP
BusinessObjects Financial Consolidation 10.0.0.1933 allows remote
attackers to inject arbitrary web