79 matches found
Directory traversal
Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7842
Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7842
Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
Directory traversal
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7843
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7843
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7842
Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7842
AttacheCase contains a directory traversal vulnerability (CWE-22) that allows reading arbitrary files via crafted ATC files. Affected products: AttacheCase ver. 2.8.2.8 and earlier, and ver. 3.2.0.4 and earlier. Root cause: flaw in processing filenames in ATC files. Impact reported in sources inc...
CVE-2016-7843
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...
CVE-2016-7843
CVE-2016-7843 describes a directory traversal vulnerability in MaruUo Factory's AttacheCase family (AttacheCase for Java ≤0.60, AttacheCase Lite ≤1.4.6, AttacheCase Pro ≤1.5.7). The flaw stems from how ATC filenames are processed, allowing a remote attacker to read arbitrary files by crafting an ...
AttacheCase vulnerable to directory traversal
Overview AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Kazuki Furukawa reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#28331227: MaruUo Factory's multiple AttacheCase products vulnerable to directory traversal
Multiple AttacheCase products provided by MaruUo Factory contain a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Impact Decrypting a crafted ATC file may result in creation of an arbitrary file or overwriting of an existing file. Solution Update the...
JVN#83917769: AttacheCase vulnerable to directory traversal
AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Impact Decrypting a crafted ATC file may result in creation of an arbitrary file or overwriting o...
CVE-2010-3923
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...
Design/Logic Flaw
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...
CVE-2010-3923
AttacheCase is vulnerable to an untrusted search path leading to privilege escalation via a Trojan horse executable in the current working directory, affecting AttacheCase before v2.70. Multiple sources (NVD entry CVE-2010-3923, Red Hat advisory, JVN entries) confirm the flaw and the fix is to up...
CVE-2010-3923
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...
AttacheCase may insecurely load executable files
Overview AttacheCase may use unsafe methods for determining how to load executables .exe. AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search pat...
JVN#02175694: AttacheCase may insecurely load executable files
AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code wi...