CVE-2014-7226

Name of the Vulnerable Software and Affected Versions Rejetto HTTP File Server (hfs) versions 2.3c and earlier

Description The issue allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols. This is related to the file comment feature.

Recommendations For versions 2.3c and earlier, update to a version later than 2.3c to resolve the issue. As a temporary workaround, consider disabling the file comment feature until a patch is available.