WinSCP URL Protocol Handler Arbitrary File Access Vulnerability
|
Bugtraq ID:
|
25655
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Sep 13 2007 12:00AM
|
|
Updated:
|
Sep 13 2007 07:21PM
|
|
Credit:
|
Kender.Security@gmail.com is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
WinSCP WinSCP 4.0.3
WinSCP WinSCP 4.0.2
WinSCP WinSCP 3.8.2
WinSCP WinSCP 3.8.1
WinSCP WinSCP 3.6.7
WinSCP WinSCP 3.6.6
WinSCP WinSCP 3.6.5 Beta
WinSCP WinSCP 3.6.1
WinSCP WinSCP 3.6
WinSCP WinSCP 3.5.6
WinSCP WinSCP 3.5.5 Beta
WinSCP WinSCP 2.0 .0
|
|
|
|
Not Vulnerable:
|
WinSCP WinSCP 4.0.4
|
|
