WinSCP URL Protocol Handler Arbitrary File Access Vulnerability

Bugtraq ID: 25655
Class: Access Validation Error
CVE: CVE-2007-4909
Remote: Yes
Local: No
Published: Sep 13 2007 12:00AM
Updated: Apr 16 2015 06:09PM
Credit: Kender.Security@gmail.com is credited with the discovery of this vulnerability.
Vulnerable: WinSCP WinSCP 4.0.3
WinSCP WinSCP 4.0.2
WinSCP WinSCP 3.8.2
WinSCP WinSCP 3.8.1
WinSCP WinSCP 3.6.7
WinSCP WinSCP 3.6.6
WinSCP WinSCP 3.6.5 Beta
WinSCP WinSCP 3.6.1
WinSCP WinSCP 3.6
WinSCP WinSCP 3.5.6
WinSCP WinSCP 3.5.5 Beta
WinSCP WinSCP 2.0 .0
Not Vulnerable: WinSCP WinSCP 4.0.4


 

Privacy Statement
Copyright 2010, SecurityFocus