PT-2014-3851 · Neofiler · Neofiler Free+2

Ryohei Koike

Publicado

2014-01-12

Atualizado

2014-01-14

CVE-2014-0805

CVSS v2.0

5.8

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions NeoFiler application versions 5.4.3 and earlier NeoFiler Free application versions 5.4.3 and earlier NeoFiler Lite application versions 2.4.2 and earlier

Description The issue allows attackers to overwrite or create arbitrary files via unspecified vectors, potentially leading to unauthorized access or data modification.

Recommendations For NeoFiler application versions 5.4.3 and earlier, update to a version later than 5.4.3. For NeoFiler Free application versions 5.4.3 and earlier, update to a version later than 5.4.3. For NeoFiler Lite application versions 2.4.2 and earlier, update to a version later than 2.4.2.

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2014-0805

Produtos afetados

Neofiler

Neofiler Free

Neofiler Lite

PT-2014-3851 · Neofiler · Neofiler Free+2

CVE-2014-0805

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7