The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols.
References
Configurations
History
No history.
Information
Published : 2014-10-10 01:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-7226
Mitre link : CVE-2014-7226
CVE.ORG link : CVE-2014-7226
JSON object : View
Products Affected
rejetto
- http_file_server
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')