Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1975

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2014-1975
Last Modified 30 Jul 2015 10:59:09
Published 18 Mar 2014 01:18:18
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1975

Summary

Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.

Vulnerable Systems

Application

  • R-company Unzipper 1.0.0

  • R-company Unzipper 1.0.1


References

CONFIRM - https://play.google.com/store/apps/details?id=org.rhorita777.unzipper

JVNDB - JVNDB-2014-000031

JVN - JVN#38227002

CONFIRM - http://jvn.jp/en/jp/JVN38227002/995495/index.html

BID - 66250


Last Updated: 27 May 2016 11:04:42