2 results (0.001 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter. Vulnerabilidad de salto de directorio en help.php en Trustport Webfilter v5.5.0.2232 permite a atacantes remotos leer ficheros a través de .. (punto punto) en el parámetro “hf”. • http://archives.neohapsis.com/archives/bugtraq/2013-08/0043.html http://packetstormsecurity.com/files/122735/Trustport-Webfilter-Traversal-File-Disclosure.html http://www.securityfocus.com/bid/61662 https://exchange.xforce.ibmcloud.com/vulnerabilities/86289 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by replacing executables with Trojan horse programs. TrustPort Antivirus anterior v2.8.0.2266 y PC Security anterior v2.0.0.1291 usa permisos débiles (Todos: control total) para archivos bajo %PROGRAMFILES%, que permite a usuarios locales obtener privilegios reemplazando ejecutables con programas troyanos. • http://secunia.com/advisories/36880 http://www.securityfocus.com/archive/1/506751/100/0/threaded http://www.trustport.com/en/notices/security-update-of-trustport-products • CWE-732: Incorrect Permission Assignment for Critical Resource •