Kevin Kotas

**Name of the Vulnerable Software and Affected Versions** Studio 42 elFinder versions prior to 2.1.36 Studio 42 elFinder version 2.1.36 **Description** The issue is a directory traversal vulnerability in `elFinder.class.php` with the `zipdl()` function. This vulnerability can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. **Recommendations** For versions prior to 2.1.36, update to version 2.1.36 or later to resolve the issue. For version 2.1.36, update to version 2.1.37 or later to resolve the issue. As a temporary workaround, consider disabling the `zipdl()` function in `elFinder.class.php` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Studio 42 elFinder versions prior to 2.1.37 **Description** The issue is related to a directory traversal vulnerability in the `elFinder.class.php` file, specifically with the `zipdl()` function. This vulnerability can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. **Recommendations** For versions prior to 2.1.37, update to version 2.1.37 or later to resolve the issue. As a temporary workaround, consider disabling the `zipdl()` function in `elFinder.class.php` to minimize the risk of exploitation. Restrict access to sensitive files and directories to prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** CDE libDtHelp library (affected versions not specified) **Description** A buffer overflow issue exists in the CDE libDtHelp library, allowing local users to execute arbitrary code. This can be achieved through various means, including modifying the `DTHELPUSERSEARCHPATH` environment variable and utilizing the Help feature, altering the `DTSEARCHPATH`, or modifying the `LOGNAME`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Aspppls for Solaris version 8 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on the `.asppp.fifo` temporary file. **Recommendations** For Aspppls for Solaris version 8, consider restricting access to the `.asppp.fifo` temporary file to prevent a symlink attack until a patch is available.