mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
93 lines
2.8 KiB
JSON
93 lines
2.8 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "vultures@jpcert.or.jp",
|
|
"ID" : "CVE-2016-7843",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "AttacheCase for Java",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "Ver0.60 and earlier"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name" : "AttacheCase Lite",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "Ver1.4.6 and earlier"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name" : "AttacheCase Pro",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "Ver1.5.7 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "MaruUo Factory"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Directory traversal"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "http://maruuofactory.life.coocan.jp/attachecase/#pathTraversal",
|
|
"refsource" : "MISC",
|
|
"url" : "http://maruuofactory.life.coocan.jp/attachecase/#pathTraversal"
|
|
},
|
|
{
|
|
"name" : "JVN#28331227",
|
|
"refsource" : "JVN",
|
|
"url" : "http://jvn.jp/en/jp/JVN28331227/index.html"
|
|
},
|
|
{
|
|
"name" : "95445",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/95445"
|
|
}
|
|
]
|
|
}
|
|
}
|