Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by softartisans
CVE-2007-1682 (GCVE-0-2007-1682)
Vulnerability from cvelistv5 – Published: 2008-08-27 20:00 – Updated: 2024-08-07 13:06
VLAI
Summary
Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/914785 | third-party-advisoryx_refsource_CERT-VN |
| http://secunia.com/advisories/31615 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/30826 | vdb-entryx_refsource_BID |
| http://support.softartisans.com/Support-114.aspx | x_refsource_CONFIRM |
Date Public
2008-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#914785",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.softartisans.com/Support-114.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-09-03T09:00:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#914785",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.softartisans.com/Support-114.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-1682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#914785",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/914785"
},
{
"name": "31615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31615"
},
{
"name": "30826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30826"
},
{
"name": "http://support.softartisans.com/Support-114.aspx",
"refsource": "CONFIRM",
"url": "http://support.softartisans.com/Support-114.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-1682",
"datePublished": "2008-08-27T20:00:00.000Z",
"dateReserved": "2007-03-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:06:25.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6865 (GCVE-0-2006-6865)
Vulnerability from cvelistv5 – Published: 2007-01-04 22:00 – Updated: 2024-08-07 20:42
VLAI
Summary
Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for ".." sequences.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/21821 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/3046 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/455549/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2007/0014 | vdb-entryx_refsource_VUPEN |
| http://ingehenriksen.blogspot.com/2006/12/softart… | x_refsource_MISC |
| http://securityreason.com/securityalert/2094 | third-party-advisoryx_refsource_SREASON |
Date Public
2006-12-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:42:07.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21821",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21821"
},
{
"name": "3046",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3046"
},
{
"name": "20061230 SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455549/100/0/threaded"
},
{
"name": "ADV-2007-0014",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0014"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ingehenriksen.blogspot.com/2006/12/softartisans-fileup-viewsrcasp-remote.html"
},
{
"name": "2094",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for \"..\" sequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21821",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21821"
},
{
"name": "3046",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3046"
},
{
"name": "20061230 SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455549/100/0/threaded"
},
{
"name": "ADV-2007-0014",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0014"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ingehenriksen.blogspot.com/2006/12/softartisans-fileup-viewsrcasp-remote.html"
},
{
"name": "2094",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for \"..\" sequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21821",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21821"
},
{
"name": "3046",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3046"
},
{
"name": "20061230 SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455549/100/0/threaded"
},
{
"name": "ADV-2007-0014",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0014"
},
{
"name": "http://ingehenriksen.blogspot.com/2006/12/softartisans-fileup-viewsrcasp-remote.html",
"refsource": "MISC",
"url": "http://ingehenriksen.blogspot.com/2006/12/softartisans-fileup-viewsrcasp-remote.html"
},
{
"name": "2094",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6865",
"datePublished": "2007-01-04T22:00:00.000Z",
"dateReserved": "2007-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:42:07.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}