Lucene search
+L

79 matches found

prion
prion
added 2017/04/28 4:59 p.m.14 views

Directory traversal

Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

4.3CVSS7.2AI score0.02605EPSS
Exploits0References3Affected Software1
osv
osv
added 2017/04/28 4:59 p.m.4 views

CVE-2016-7842

Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

5.5CVSS5.9AI score0.02605EPSS
Exploits0References3
nvd
nvd
added 2017/04/28 4:59 p.m.14 views

CVE-2016-7842

Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

5.5CVSS5.5AI score0.02605EPSS
Exploits0References3
prion
prion
added 2017/04/28 4:59 p.m.12 views

Directory traversal

Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

4.3CVSS7.2AI score0.03417EPSS
Exploits0References3Affected Software3
osv
osv
added 2017/04/28 4:59 p.m.4 views

CVE-2016-7843

Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

5.5CVSS5.9AI score0.03417EPSS
Exploits0References3
nvd
nvd
added 2017/04/28 4:59 p.m.13 views

CVE-2016-7843

Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

5.5CVSS5.5AI score0.03417EPSS
Exploits0References3
cvelist
cvelist
added 2017/04/28 4:0 p.m.22 views

CVE-2016-7842

Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

5.5AI score0.02605EPSS
Exploits0References3
cve
cve
added 2017/04/28 4:0 p.m.41 views

CVE-2016-7842

AttacheCase contains a directory traversal vulnerability (CWE-22) that allows reading arbitrary files via crafted ATC files. Affected products: AttacheCase ver. 2.8.2.8 and earlier, and ver. 3.2.0.4 and earlier. Root cause: flaw in processing filenames in ATC files. Impact reported in sources inc...

5.5CVSS5.5AI score0.02605EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2017/04/28 4:0 p.m.17 views

CVE-2016-7843

Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file...

5.5AI score0.03417EPSS
Exploits0References3
cve
cve
added 2017/04/28 4:0 p.m.38 views

CVE-2016-7843

CVE-2016-7843 describes a directory traversal vulnerability in MaruUo Factory's AttacheCase family (AttacheCase for Java ≤0.60, AttacheCase Lite ≤1.4.6, AttacheCase Pro ≤1.5.7). The flaw stems from how ATC filenames are processed, allowing a remote attacker to read arbitrary files by crafting an ...

5.5CVSS5.5AI score0.03417EPSS
Exploits0References3Affected Software3
jvn
jvn
added 2017/01/16 5:35 a.m.5 views

AttacheCase vulnerable to directory traversal

Overview AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Kazuki Furukawa reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5.5CVSS6.6AI score0.02605EPSS
Exploits0References5
jvn
jvn
added 2017/01/16 12:0 a.m.27 views

JVN#28331227: MaruUo Factory's multiple AttacheCase products vulnerable to directory traversal

Multiple AttacheCase products provided by MaruUo Factory contain a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Impact Decrypting a crafted ATC file may result in creation of an arbitrary file or overwriting of an existing file. Solution Update the...

5.5CVSS5.5AI score0.03417EPSS
Exploits0
jvn
jvn
added 2017/01/16 12:0 a.m.41 views

JVN#83917769: AttacheCase vulnerable to directory traversal

AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Impact Decrypting a crafted ATC file may result in creation of an arbitrary file or overwriting o...

5.5CVSS5.5AI score0.02605EPSS
Exploits0
nvd
nvd
added 2010/12/30 9:0 p.m.25 views

CVE-2010-3923

Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

6.9CVSS6.5AI score0.00287EPSS
Exploits0References4
prion
prion
added 2010/12/30 9:0 p.m.14 views

Design/Logic Flaw

Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

6.9CVSS6.9AI score0.00287EPSS
Exploits0References4Affected Software1
cve
cve
added 2010/12/30 8:0 p.m.44 views

CVE-2010-3923

AttacheCase is vulnerable to an untrusted search path leading to privilege escalation via a Trojan horse executable in the current working directory, affecting AttacheCase before v2.70. Multiple sources (NVD entry CVE-2010-3923, Red Hat advisory, JVN entries) confirm the flaw and the fix is to up...

6.9CVSS6.7AI score0.00287EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2010/12/30 8:0 p.m.26 views

CVE-2010-3923

Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory...

6.5AI score0.00287EPSS
Exploits0References4
jvn
jvn
added 2010/12/17 9:30 a.m.5 views

AttacheCase may insecurely load executable files

Overview AttacheCase may use unsafe methods for determining how to load executables .exe. AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search pat...

6.9CVSS7.5AI score0.00287EPSS
Exploits0References5
jvn
jvn
added 2010/12/17 12:0 a.m.34 views

JVN#02175694: AttacheCase may insecurely load executable files

AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code wi...

6.9CVSS7.2AI score0.00287EPSS
Exploits0
Rows per page
Query Builder