CVE-2018-0659

MEDIUM

hibara attachecase < 2.8.4.0 and <= 3.3.0.0 - Path Traversal via ATC File

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file.

References (2)

Core 2
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://hibara.org/software/attachecase/?lang=en
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN62121133/index.html

Scores

CVSS v3 5.5
EPSS 0.0142
EPSS Percentile 69.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (1)
hibara/attachecase < 2.8.4.0
Published Sep 07, 2018
Tracked Since Feb 18, 2026