RSS   Vulnerabilities for 'Filevista'   RSS

2014-12-02
 
CVE-2014-8789

CWE-20
 

 
GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled during extraction.

 
 
CVE-2014-8788

CWE-200
 

 
GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message.

 

 >>> Vendor: Gleamtech 2 Products
Filevista
Fileultimate


Copyright 2024, cxsecurity.com

 

Back to Top