3 matches found
EUVD-2008-7070
Malware in sbrugna...
Code injection
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109...
CVE-2008-7110
CVE-2008-7110 affects Kyocera Mita KM 3.3.0.1: the Scanner File Utility (aka listener) vulnerable to directory traversal via .. in a request, enabling remote upload of files to arbitrary locations. Related entries (CVE-2008-7111) indicate the tool does not restrict uploaded filenames or extension...