PT-2005-4217 · Hyper Estraier · Hyper Estraier

Published: 2005-11-01 · Updated: 2008-11-11 · CVE-2005-3421

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Hyper Estraier version 1.0.1

Description

The issue allows remote attackers to read unauthorized files by sending a crafted search request for a filename that contains Unicode characters. The flaw is in estcmd in Hyper Estraier on Windows systems.

Recommendations

For Hyper Estraier version 1.0.1, consider restricting access to estcmd until a patch is available, to prevent unauthorized file reading. As a temporary workaround, avoid using filenames that contain Unicode characters in search requests. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2005-3421

Affected Products

Hyper Estraier