WinSCP URL Protocol Handler Arbitrary File Access Vulnerability

Bugtraq ID: 25655
Class: Access Validation Error
CVE:
Remote: Yes
Local: No
Published: Sep 13 2007 12:00AM
Updated: Sep 13 2007 07:21PM
Credit: Kender.Security@gmail.com is credited with the discovery of this vulnerability.
Vulnerable: WinSCP WinSCP 4.0.3
WinSCP WinSCP 4.0.2
WinSCP WinSCP 3.8.2
WinSCP WinSCP 3.8.1
WinSCP WinSCP 3.6.7
WinSCP WinSCP 3.6.6
WinSCP WinSCP 3.6.5 Beta
WinSCP WinSCP 3.6.1
WinSCP WinSCP 3.6
WinSCP WinSCP 3.5.6
WinSCP WinSCP 3.5.5 Beta
WinSCP WinSCP 2.0 .0
Not Vulnerable: WinSCP WinSCP 4.0.4


 

Privacy Statement
Copyright 2010, SecurityFocus