RSS   Vulnerabilities for 'Powerarchiver'   RSS

2021-06-21
 
CVE-2021-28684

CWE-611
 

 
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack).

 
2014-03-14
 
CVE-2014-2319

CWE-310
 

 
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack.

 

 >>> Vendor: Powerarchiver 5 Products
Powerarchiver 2002
Powerarchiver 2003
Powerarchiver 2004
Powerarchiver 2006
Powerarchiver


Copyright 2024, cxsecurity.com

 

Back to Top