Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability found for Explorer by Speed Software

JVNDB-2015-000023

Vulnerability from jvndb - Published: 2015-02-24 14:35 - Updated:2015-02-26 17:18
Severity ?
N/A (UNKNOWN) - -
Summary
Speed Software Root Explorer and Explorer vulnerable to directory traversal
Details
Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000023.html",
  "dc:date": "2015-02-26T17:18+09:00",
  "dcterms:issued": "2015-02-24T14:35+09:00",
  "dcterms:modified": "2015-02-26T17:18+09:00",
  "description": "Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability.\r\n\r\nRyohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000023.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:speed_software:explorer",
      "@product": "Explorer",
      "@vendor": "Speed Software",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:speed_software:root_explorer",
      "@product": "Root Explorer",
      "@vendor": "Speed Software",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2015-000023",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN42768331/index.html",
      "@id": "JVN#42768331",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9282",
      "@id": "CVE-2014-9282",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9282",
      "@id": "CVE-2014-9282",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-22",
      "@title": "Path Traversal(CWE-22)"
    }
  ],
  "title": "Speed Software Root Explorer and Explorer vulnerable to directory traversal"
}