Intrusion Prevention

Lexmark.Markvision.GfdFileUploadServlet.Directory.Traversal

Description

This indicates an attack attempt against a Directory Traversal vulnerability in Lexmark MarkVision.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP packet. It allows a remote attacker to create files in the affected machine and execute arbitrary code in the vulnerable machine via crafted requests.

Affected Products

Lexmark MarkVision Enterprise prior to v2.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue

CVE References

CVE-2014-8741