CVE-2016-7843

MEDIUM

AttacheCase for Java < 0.6.0, AttacheCase Lite < 1.4.6, AttacheCase Pro < 1.5.7 - Path Traversal via ATC File

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN28331227/index.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95445

Scores

CVSS v3 5.5
EPSS 0.0342
EPSS Percentile 87.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (6)
hibara_software/attachecase_for_java < 0.6.0
hibara_software/attachecase_lite < 1.4.6
hibara_software/attachecase_pro < 1.5.7
MaruUo Factory/AttacheCase for Java Ver0.60 and earlier
MaruUo Factory/AttacheCase Lite Ver1.4.6 and earlier
MaruUo Factory/AttacheCase Pro Ver1.5.7 and earlier
Published Apr 28, 2017
Tracked Since Feb 18, 2026