CVE-2018-0659
MEDIUMhibara attachecase < 2.8.4.0 and <= 3.3.0.0 - Path Traversal via ATC File
Title source: llmDescription
Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file.
References (2)
Core 2
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://hibara.org/software/attachecase/?lang=en
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN62121133/index.html
Scores
CVSS v3
5.5
EPSS
0.0142
EPSS Percentile
69.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-22
Status
published
Products (1)
hibara/attachecase
< 2.8.4.0
Published
Sep 07, 2018
Tracked Since
Feb 18, 2026