Refine your search
2 vulnerabilities found for ES File Explorer by ES APP Group
jvndb-2014-000033
Vulnerability from jvndb
Published
2014-03-20 14:05
Modified
2014-03-24 18:50
Summary
ES File Explorer vulnerable to directory traversal
Details
ES File Explorer provided by ES APP Group contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability.
Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000033.html",
"dc:date": "2014-03-24T18:50+09:00",
"dcterms:issued": "2014-03-20T14:05+09:00",
"dcterms:modified": "2014-03-24T18:50+09:00",
"description": "ES File Explorer provided by ES APP Group contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability.\r\n\r\nRyohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000033.html",
"sec:cpe": {
"#text": "cpe:/a:estrongs:es_file_explorer",
"@product": "ES File Explorer",
"@vendor": "ES APP Group",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000033",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN70029459/index.html",
"@id": "JVN#70029459",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1970",
"@id": "CVE-2014-1970",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1970",
"@id": "CVE-2014-1970",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
}
],
"title": "ES File Explorer vulnerable to directory traversal"
}
jvndb-2012-000020
Vulnerability from jvndb
Published
2012-03-05 15:50
Modified
2012-03-05 15:50
Summary
ES File Explorer fails to restrict access permissions
Details
ES File Explorer provided by EStrongs, Inc. contains an issue where access permissions are not restricted.
ES File Explorer provided by EStrongs Inc. is a file and application manager. ES File Explorer contains an issue where access permissions are not restricted.
Shiongu of satoweb and Masafumi Horimoto of HOLLY & Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000020.html",
"dc:date": "2012-03-05T15:50+09:00",
"dcterms:issued": "2012-03-05T15:50+09:00",
"dcterms:modified": "2012-03-05T15:50+09:00",
"description": "ES File Explorer provided by EStrongs, Inc. contains an issue where access permissions are not restricted.\r\n\r\nES File Explorer provided by EStrongs Inc. is a file and application manager. ES File Explorer contains an issue where access permissions are not restricted.\r\n\r\nShiongu of satoweb and Masafumi Horimoto of HOLLY \u0026 Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000020.html",
"sec:cpe": {
"#text": "cpe:/a:estrongs:es_file_explorer",
"@product": "ES File Explorer",
"@vendor": "ES APP Group",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2012-000020",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN08871006/index.html",
"@id": "JVN#08871006",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0322",
"@id": "CVE-2012-0322",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0322",
"@id": "CVE-2012-0322",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "ES File Explorer fails to restrict access permissions"
}