Описание
The "Protect Worksheet" functionality in Mathsoft Mathcad 12 through 13.1, and PTC Mathcad 14, implements file access restrictions via a protection element in a gzipped XML file, which allows attackers to bypass these restrictions by removing this element.
Комментарий
Mathsoft sold mathcad to PTC in 2006. PTC now supports all vulnerable versions.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ptc:mathcad:12:*:*:*:*:*:*:*
cpe:2.3:a:ptc:mathcad:13:*:*:*:*:*:*:*
cpe:2.3:a:ptc:mathcad:13.1:*:*:*:*:*:*:*
cpe:2.3:a:ptc:mathcad:14:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00071
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The "Protect Worksheet" functionality in Mathsoft Mathcad 12 through 13.1, and PTC Mathcad 14, implements file access restrictions via a protection element in a gzipped XML file, which allows attackers to bypass these restrictions by removing this element.
EPSS
Процентиль: 22%
0.00071
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264