45 matches found
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
EUVD-2021-15341
Malware in sbrugna...
EUVD-2014-2357
Malware in sbrugna...
EUVD-2005-3061
Malware in sbrugna...
EUVD-2007-0101
Malware in sbrugna...
EUVD-2006-3978
Malware in sbrugna...
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
Xxe
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
CVE-2021-28684
The CVE-2021-28684 entry describes an XXE vulnerability in the XML parser used by ConeXware PowerArchiver up to version 20.10.02, allowing external entities to exfiltrate local files over the network. Affected software is PowerArchiver (ConeXware) prior to 20.10.02; root cause is processing of ex...
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
PowerArchiver 代码问题漏洞
PowerArchiver is a software application. It provides a function to compress and encrypt data A code issue vulnerability exists in PowerArchiver versions prior to 20.10.02, which stems from the XM parser used by the program that allows the processing of external entities, which could lead to the...
PowerArchiver 14.02.03 Incorrect PKZIP Encryption Usage
The remote host has PowerArchiver version 14.02.03 installed. It is, therefore, affected by a flaw with the encryption usage. A flaw exists in the application where the insecure PKZIP encryption method is used when a user attempts to encrypt files with AES 256-bit encryption. Note that Nessus has...
PowerArchiver by ConeXware Installed
Binary data powerarchiverdetect.nbin...
PowerArchiver weak encrption
Native ZIP encryption is used instead of AES...
PowerArchiver: Uses insecure legacy PKZIP encryption when AES is selected (CVE-2014-2319)
PowerArchiver: Uses insecure legacy PKZIP encryption when AES is selected CVE-2014-2319 References https://vulners.com/cve/CVE-2014-2319 http://int21.de/cve/CVE-2014-2319-powerarchiver.html http://www.powerarchiver.com/2014/03/12/powerarchiver-2013-14-02-05-released/ Background...
ConeXware PowerArchiver弱加密漏洞
Bugtraq ID:66174 CVE ID:CVE-2014-2319 ConeXware PowerArchiver是一款压缩工具。 如果在GUI中用户选择AES加密,ConeXware PowerArchiver会以不安全加密方法来创建文件。如选择"AES 256-bit"进行加密软件会使用PKZIP加密来代替。 0 ConeXware PowerArchiver 14.02.03 ConeXware PowerArchiver 14.02.05已经修复该漏洞,建议用户下载更新: http://www.powerarchiver.com...
CVE-2014-2319
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...
CVE-2014-2319
PowerArchiver (ConeXware) 14.02.03 vulnerable: Encrypt Files feature uses legacy PKZIP encryption even when AES 256-bit is selected, enabling a known-plaintext exposure. Root cause is insecure encryption usage in the AES path. Affected version(s) include 14.02.03; vendor released 14.02.05 to fix ...