CVE-2014-8789

FileVista < 6.0.9 - Authenticated Arbitrary File Write via Zip Archive Extraction

Title source: llm
STIX 2.1

Description

GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled during extraction.

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Nov/87

Scores

EPSS 0.0322
EPSS Percentile 86.7%

Details

CWE
CWE-20
Status published
Products (1)
gleamtech/filevista < 6.0.9
Published Dec 02, 2014
Tracked Since Feb 18, 2026