exploitDog

CVE-2017-2140

Опубликовано: 28 апр. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be executed in the context of the application due to specially crafted directory.

Ссылки

http://jvn.jp/en/jp/JVN64451600/index.html
Third Party Advisory
VDB Entry
http://tablacus.hatenablog.com/entry/2017/04/05/200424
Third Party Advisory
http://jvn.jp/en/jp/JVN64451600/index.html
Third Party Advisory
VDB Entry
http://tablacus.hatenablog.com/entry/2017/04/05/200424
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gaku:tablacus_explorer:*:*:*:*:*:*:*:*

Версия до 17.3.30 (включая)

EPSS

Процентиль: 75%

0.00884

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-7675-9w76-j5q2

CVSS3: 8.8

github

больше 3 лет назад

Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be executed in the context of the application due to specially crafted directory.

EPSS

Процентиль: 75%

0.00884

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74