CVE-2007-4756

NONECVSS 0.0

0.0

Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP servers to create or overwrite arbitrary files via "..\" (dot dot backslash) sequences in a filename. NOTE: the "..\" are not displayed when the user lists files. NOTE: this can be leveraged for code execution by writing to a Startup folder.

🔗 References (22)

cve@mitrehttp://blog.hispasec.com/lab/advisories/adv_TotalCommander_7_01_Remote_Traversal.txt
cve@mitrehttp://osvdb.org/39838
cve@mitrehttp://secunia.com/advisories/26734
cve@mitrehttp://securityreason.com/securityalert/3106
cve@mitrehttp://www.ghisler.com/whatsnew.htm
cve@mitrehttp://www.securityfocus.com/archive/1/478720/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/25581
cve@mitrehttp://www.securitytracker.com/id?1018662
cve@mitrehttp://www.vupen.com/english/advisories/2007/3102
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/36486
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/36487
af854a3a-2127-422b-91ae-364da2661108http://blog.hispasec.com/lab/advisories/adv_TotalCommander_7_01_Remote_Traversal.txt
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/39838
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26734
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3106

Is Your Infrastructure Affected by CVE-2007-4756?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4756

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4756?