JVN#64451600: Tablacus Explorer vulnerable to script injection

2017-04-07T00:00:00
ID JVN:64451600
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-04-07T00:00:00

Description

## Description

Tablacus Explorer is a tabbled file manager. Tablacus Explorer contains a script injection vulnerability due to improper handling of directory names.

## Impact

When a user accesses a crafted directory, an arbitrary script may be executed on Tablacus Explorer. As a result, an arbitrary OS command may be executed with the privilege of Tablacus Explorer.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Tablacus Explorer 17.3.30 and earlier