CVE-2016-3976 (netweaver)
Directory traversal vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to CrashFileDownloadServlet, aka SAP Security Note 2234971.
Source: CVE-2016-3976 (netweaver)