CVSS: 5.5EPSS: 2%CPEs: 1EXPL: 0CVE-2015-2869
https://notcve.org/view.php?id=CVE-2015-2869
21 Jul 2015 — The FileInfo plugin before 2.22 for Ghisler Total Commander allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via (1) a large Size value in the Archive Member Header of a COFF Archive Library file, (2) a large Number Of Symbols value in the 1st Linker Member of a COFF Archive Library file, (3) a large Resource Table Count value in the LE Header of a Linear Executable file, or (4) a large value in a certain Object field in a Resource Table Entry in a Linear Execu... • http://blogs.cisco.com/security/talos/fileinfo-plugin-dos • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2007-4756
https://notcve.org/view.php?id=CVE-2007-4756
08 Sep 2007 — Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP servers to create or overwrite arbitrary files via "..\" (dot dot backslash) sequences in a filename. NOTE: the "..\" are not displayed when the user lists files. NOTE: this can be leveraged for code execution by writing to a Startup folder. Vulnerabilidad de salto de directorio en el cliente FTP de Total Commander versiones anteriores a 7.02, permite a servidores FTP remotos crear o sobre-escribir ficheros ... • http://blog.hispasec.com/lab/advisories/adv_TotalCommander_7_01_Remote_Traversal.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0263
https://notcve.org/view.php?id=CVE-2007-0263
16 Jan 2007 — Unspecified vulnerability in Total Commander before 6.5.6 allows user-assisted remote attackers to delete arbitrary files and corrupt a filesystem via a crafted RAR file. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad desconocida en Total Commander versiones anteriores a 6.5.6, permite a atacantes remotos con la complicidad del usuario borrar ficheros de su elección y corromper el sistema de ficheros mediante un fichero RAR m... • http://osvdb.org/39837 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4066
https://notcve.org/view.php?id=CVE-2005-4066
07 Dec 2005 — Total Commander 6.53 uses weak encryption to store FTP usernames and passwords in WCX_FTP.INI, which allows local users to decrypt the passwords and gain access to FTP servers, as possibly demonstrated by the W32.Gudeb worm. • http://securitytracker.com/id?1015311 • CWE-310: Cryptographic Issues •