WinSCP URL Protocol Handler Arbitrary File Access Vulnerability

Bugtraq ID: 25655
Class: Access Validation Error
CVE: CVE-2007-4909
Remote: Yes
Local: No
Published: Sep 13 2007 12:00AM
Updated: May 07 2015 05:35PM
Credit: Kender.Security@gmail.com is credited with the discovery of this vulnerability.
Vulnerable: WinSCP WinSCP 4.0.3
WinSCP WinSCP 4.0.2
WinSCP WinSCP 3.8.2
WinSCP WinSCP 3.8.1
WinSCP WinSCP 3.6.7
WinSCP WinSCP 3.6.6
WinSCP WinSCP 3.6.5 Beta
WinSCP WinSCP 3.6.1
WinSCP WinSCP 3.6
WinSCP WinSCP 3.5.6
WinSCP WinSCP 3.5.5 Beta
WinSCP WinSCP 2.0 .0
Not Vulnerable: WinSCP WinSCP 4.0.4


 

Privacy Statement
Copyright 2010, SecurityFocus