CVE-2016-1242

Published: Sep 7, 2016Modified: May 6, 2026

4.4

Vector

CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.7 / Impact: 3.6

Source: NVD

Description

file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.

Affected (40)

Products: Tryton: Tryton

Tryton

1 product

Tryton

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Tryton Tryton	Version 4.0.0
Tryton Tryton	Version 4.0.1
Tryton Tryton	Version 4.0.2
Tryton Tryton	Version 4.0.3

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Tryton Tryton	Up to 3.2.16

Configuration C

7 vulnerable

Vulnerable Software	Affected Versions
Tryton Tryton	Version 3.8.0
Tryton Tryton	Version 3.8.1
Tryton Tryton	Version 3.8.2
Tryton Tryton	Version 3.8.3
Tryton Tryton	Version 3.8.5
Tryton Tryton	Version 3.8.6
Tryton Tryton	Version 3.8.7

Configuration D

15 vulnerable

Vulnerable Software	Affected Versions
Tryton Tryton	Version 3.4.0
Tryton Tryton	Version 3.4.10
Tryton Tryton	Version 3.4.11
Tryton Tryton	Version 3.4.12
Tryton Tryton	Version 3.4.13
Tryton Tryton	Version 3.4.1
Tryton Tryton	Version 3.4.2
Tryton Tryton	Version 3.4.3
Tryton Tryton	Version 3.4.4
Tryton Tryton	Version 3.4.5
Tryton Tryton	Version 3.4.6
Tryton Tryton	Version 3.4.7
Tryton Tryton	Version 3.4.8
Tryton Tryton	Version 3.4.9
Tryton Tryton	Version 3.8.4

Configuration E

13 vulnerable

Vulnerable Software	Affected Versions
Tryton Tryton	Version 3.2.0
Tryton Tryton	Version 3.6.0
Tryton Tryton	Version 3.6.10
Tryton Tryton	Version 3.6.11
Tryton Tryton	Version 3.6.1
Tryton Tryton	Version 3.6.2
Tryton Tryton	Version 3.6.3
Tryton Tryton	Version 3.6.4
Tryton Tryton	Version 3.6.5
Tryton Tryton	Version 3.6.6
Tryton Tryton	Version 3.6.7
Tryton Tryton	Version 3.6.8
Tryton Tryton	Version 3.6.9