CVE-2007-2266

Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:webspeed_messenger:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-04-25 20:19

Updated : 2024-02-28 11:01


NVD link : CVE-2007-2266

Mitre link : CVE-2007-2266

CVE.ORG link : CVE-2007-2266


JSON object : View

Products Affected

progress

  • webspeed_messenger