Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1 vulnerability found for Root Explorer by Speed Software

    JVNDB-2015-000023

    Vulnerability from jvndb - Published: 2015-02-24 14:35 - Updated:2015-02-26 17:18
    Severity
    N/A (UNKNOWN) - -
    Summary
    Speed Software Root Explorer and Explorer vulnerable to directory traversal
    Details
    Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000023.html",
      "dc:date": "2015-02-26T17:18+09:00",
      "dcterms:issued": "2015-02-24T14:35+09:00",
      "dcterms:modified": "2015-02-26T17:18+09:00",
      "description": "Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability.\r\n\r\nRyohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000023.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:speed_software:explorer",
          "@product": "Explorer",
          "@vendor": "Speed Software",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:speed_software:root_explorer",
          "@product": "Root Explorer",
          "@vendor": "Speed Software",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2015-000023",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN42768331/index.html",
          "@id": "JVN#42768331",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9282",
          "@id": "CVE-2014-9282",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9282",
          "@id": "CVE-2014-9282",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        }
      ],
      "title": "Speed Software Root Explorer and Explorer vulnerable to directory traversal"
    }