CVE-2016-7843
MEDIUMAttacheCase for Java < 0.6.0, AttacheCase Lite < 1.4.6, AttacheCase Pro < 1.5.7 - Path Traversal via ATC File
Title source: llmDescription
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN28331227/index.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/95445
Third Party Advisory x_refsource_misc
http://maruuofactory.life.coocan.jp/attachecase/#pathTraversal
Scores
CVSS v3
5.5
EPSS
0.0342
EPSS Percentile
87.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-22
Status
published
Products (6)
hibara_software/attachecase_for_java
< 0.6.0
hibara_software/attachecase_lite
< 1.4.6
hibara_software/attachecase_pro
< 1.5.7
MaruUo Factory/AttacheCase for Java
Ver0.60 and earlier
MaruUo Factory/AttacheCase Lite
Ver1.4.6 and earlier
MaruUo Factory/AttacheCase Pro
Ver1.5.7 and earlier
Published
Apr 28, 2017
Tracked Since
Feb 18, 2026